News, Reviews and Resources for ITSM Professionals.

Protecting our Data; a quick guide to password management

So here it is. I think we can safely say that it hasn’t been a great few weeks for security or protecting people’s personal information. At the time of going to press, both Vodafone and Talk Talk had been hit by security breaches, and there are lots of anxious customers worried about whether their personal data has been compromised.

In the case of Vodafone, the data breach was external to Vodafone, i.e. the data had been found elsewhere and the hackers were trying login details from some other breach on the Vodafone corporate site to see how many customers had reused their passwords.

Password Management Best Practice

In a digital age, how do we keep our data safe? Here are our top tips for password management best practice (and no, we don’t recommend you try squirrel noises!).

VARIETY

– Do NOT use the same password for everything. I know, I know, it’s a pain in the hoop having to remember multiple passwords, but research shows that if your credentials are compromised, hackers will often try the same login details on Amazon, eBay, PayPal etc. Nothing is bulletproof 100% of the time, so let’s at least apply some damage limitation to the situation.

STRONG PASSWORDS

I had a real “ah here” moment a few months ago. I was given access to a corporate system for an organisation that will remain nameless. The system in question gave me access to the corporate e-mail & SharePoint systems as well as some key competitor & market trend analysis. What was the password? Wecome1. Come on people, we can do better than that!

A few simple hints and tips are:

  • Use long, complex passwords. Use multiple cases (i.e. capital & small letters), numbers & symbols / special characters.
  • Don’t use words that can be found in a dictionary. There are password cracking tools freely available on the internet which can crack passwords using what’s known as a “brute force” attack.
  • Don’t use your e-mail address, network id or personal information such as your National Insurance number or date of birth.
  • Don’t use common passwords such as “password” (and yes, people still do this) or “welcome”.
  • Don’t use sequential passwords such as 1 2 3 4 or QWERTY. No, just no!
  • Try using part of a saying to make a complex password easy to remember. One example we all know is Money Makes The World Go Round – so how do we make a secure password? Abbreviate, mix the cases up, substitute letters with characters and add in some numbers – suddenly you have a password that’s much harder to guess, for example 20mMtw9R*15
  • You could also consider using a password manager. Password managers are software applications that securely store all your passwords so you only have to remember one password. The stored passwords are encrypted, so you have to create one strong master password that will give you access to the rest of your saved passwords. There are lots of password managers available online; Roboform, Dashlane and PasswordBox are some examples that have been recommended by c|net, InfoWorld, and PC Mag.
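
The tips above can be turned into a simple checker; this is an added example, not part of the original article. The 10-character minimum, the tiny word list and the substitution table are assumptions made for illustration (the article only says "long"), and a real check would use a large list of breached passwords.

```python
import re

# Constructed sample lists (assumptions); real checks load a breached-password list.
COMMON_WORDS = {"password", "welcome", "letmein", "money", "world"}
SEQUENCES = ["0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
MIN_LENGTH = 10  # assumption: the article gives no number

# Undo common substitutions so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans("@4301!$5+7", "aaeoiissst")


def has_sequence(pw, run=4):
    """True if pw holds `run` neighbouring keys, letters or digits, in either direction."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in low for i in range(len(s) - run + 1)):
                return True
    return False


def check_password(pw, personal=()):
    """Return the list of rules from the tips that pw breaks (empty list = passes)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    # Lower case, upper case, numbers, symbols: all four must be present.
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, pw) for c in classes):
        problems.append("missing character class")
    # Reverse substitutions, drop non-letters, then look for known words.
    letters = re.sub(r"[^a-z]", "", pw.lower().translate(LEET))
    if any(word in letters for word in COMMON_WORDS):
        problems.append("common or dictionary word")
    if has_sequence(pw):
        problems.append("sequential characters")
    # Personal details (e-mail, network id, date of birth) split into parts.
    flat = pw.lower()
    for item in personal:
        parts = [p for p in re.split(r"[^a-z0-9]+", item.lower()) if len(p) >= 4]
        if any(p in flat for p in parts):
            problems.append("contains personal information")
            break
    return problems
```

Run against the two passwords quoted in this article, `check_password("Wecome1")` reports it as too short and missing a symbol, while `check_password("20mMtw9R*15")` returns an empty list.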

So there you have it. It’s a jungle out there, so stay safe, people! One last thought though: it’s not all doom and gloom. If you’re an anxious Vodafone UK or Talk Talk customer in need of cheering up, check out Vodafone Ireland’s latest TV ad. Guaranteed to make you smile, promise.

That’s all folks.
