A dermatologist in North Carolina has 675 back scratchers.
An Italian man owns 8,650 water bottle labels.
A British engineer has 137 different types of traffic cones.
And I’m willing to bet that you have been building an interesting collection of your own over the past few years: passwords.
We all know that using strong passwords is how to keep data safe and secure, but it seems like every time we turn around we’re needing to come up with another one. It can quickly get overwhelming!
How many passwords do you think you have now? Can you even remember them all, or do you just automatically click the “forgot password” link on the sites you visit?
A study conducted in 2020 showed that the average person has around 100 passwords! That is up from 70-80 passwords in 2019…most likely as a result of the amount of time we all spent at home on our phones and computers during COVID.
In a post we did on “3 Best Ways to Protect Your Business Data,” we mentioned the importance of using good password practices. You and I are carrying around a lot of valuable information that bad actors all over the world would love to exploit.
Cyber attacks are already up 102% in the first 6 months of 2021 compared to the same time period a year ago. (Security magazine reports that there is a hacker attack every 39 seconds.) Since we wrote that post in April, hacking has made big news again with attacks on the Colonial Pipeline, beef supplier JBS, and even a Florida city’s water supply.
Want another breaking story that might affect you directly?
Cybernews.com just reported on “RockYou2021”, the largest ever password compilation leak with 8.5 billion passwords affected! They’ve created a helpful password checker so you can see if one of yours was included, so you should definitely take a look.
Since now is a really good time to update your passwords, we thought it would be a good idea to dive deeper into how to keep data safe and secure.
4 Ideas on How to Keep Data Safe and Secure
1. Pay attention. Don’t be sloppy.
In a world where hackers never rest, you can’t afford to be complacent when it comes to your passwords. We need to be as interested in protecting them as they are in stealing them.
If you are sloppy with passwords, you’re just making it easier for the bad guys to win. Pay attention to the basics when it comes to protecting your data.
- Don’t use the same password for everything.
- Don’t use obvious things like “password”, “123456”, or even keyboard layout patterns like “qwerty” or “asdfgh”.
- Please don’t use personal information in your password like your name, birthday, or street.
2. Make passwords longer, not more complicated.
The National Institute of Standards in Technology (NIST) released its updated guidelines on digital security recently. Each year since 2017 they’ve examined what techniques are most effective when it comes to password protection.
One of the surprising findings in this year’s study is that the complexity of a password doesn’t matter nearly as much as it’s length. How it is constructed seems to be largely irrelevant (as long as you remember point #1 above.)
NIST recommends that passwords be 15-20 characters in length to be effective while still being short enough to remember.
Cybersecurity company, Hivesytems, put together a great infographic last year showing just how long it can take hackers to figure out your password. Short passwords get hacked instantly. As you can see, though, even weak passwords made up of nothing but numbers can take 9 months to crack if they’re long enough.
It’s clear from this research that making your passwords longer is how to keep your data safe and secure.
As we are required to come up with more and more complicated passwords, we can get more and more frustrated. And when frustration occurs, human nature reverts to predictable patterns of behavior…patterns that can be exploited by the bad guys.
In the case of passwords, when we try to satisfy the complexity requirements in ways that we can easily remember, several problems are created:
- We forget passwords more often.
- We save our “complex” passwords in an unsecure way (sticky notes on the screen, anyone?).
- And worse,we use the same passwords over and over so we don’t have to remember as many.
3. Get Creative.
Hackers and the programs they use figured out long ago how to look for common dictionary words, repeating or sequential number sequences, and context-specific words.
So stay away from the obvious things when creating passwords.
In our earlier post on protecting your data, we cited a few tips from the Swiss Cyber Security Forum. Getting creative is how to keep data safe and secure.
- Don’t use words found in dictionaries. Use a made-up word as part of your password.
- Include brackets. People don’t often use ( ), { }, [ ], or < >, so they’re harder to hack.
- Misspell words.
4. Use a Password Manager.
People aren’t trying to steal your passwords…their computers are. And artificial intelligence is being used more and more to “learn” how to break into our lives.
Creating passwords yourself to try and thwart the electronic evil ones works up to a point, but (as sci-fi horror stories remind us) the computers always win. So it only makes sense to fight one computer with another.
Password management companies allow you to create one master password for their system which will then take over the responsibility for creating every other password you need to use. The NIST study ultimately recommends using one of the leading password management companies as the best way to keep data safe and secure.
There are several password management companies that have a long and successful track record. Tech.co has put together a good comparison of the best password managers for 2021. Do your homework and find the one that works best for you.
If you apply the tips we’ve covered so far to creating a good master password, that’ll be the only one you ever need to remember. And you’ll be able to enjoy a lot more peace of mind.
- “Choose a long passphrase and protect it from being stolen.
- Set the password manager up to generate random, unique, complex passwords for each account.
- Use multi-factor authentication so that you have to be personally involved anytime your master password is affected.
Don’t fight alone.
Remember to partner with professionals who are as concerned with how to keep data safe and secure as you are. Especially when it comes to your finances!
CRS CPA understands how valuable your information is, and we work hard to protect it. It’s why we specifically work with our clients to establish strong Internal Controls. And it’s why we put together our SafeSend program for filing taxes securely online.
To learn more about the importance of securing and backing up your financial data, download the free PDF we put together on “9 Simple Accounting Mistakes that Are Costing Your Business Money.”
Then schedule a call with one of our business and accounting experts. We believe that you deserve to have your data protected so that you can focus on growing your business.
