In our digital era, websites have never had higher security, but also more threats. One often overlooked component of maintaining platform security starts at the login page with password protection. While a great start is to have different passwords for each platform, there are also other steps that you can take to ensure the safety of your professional sites. This is the focus of today’s post.
There are several “old school” ways that professionals make sure their passwords are maintained. There are updated versions of each of these methods, but they are not to be overlooked if your business uses them. Included in this list are:
- Writing passwords on sticky notes or secure, private computer documents
- Using similar passwords for each platform
- Relying on the “Forgot Password” option
Thankfully, there are now better ways that are more secure. Not to mention, they are easy to implement. You and your team can be on the same page and rest easy knowing that your platforms are safe.
Tip #1: Use Hard-to-Guess Passwords and Differentiate on Each Platform
A good general rule of thumb is to never use the same password twice, especially on sensitive accounts. Professionals recommend a mix of alphabetical and numeric characters, upper and lower case letters, and symbols, if permitted. Strong passwords are typically between 12 and 14 characters at the minimum, and do not contain phrases or properly-spelled words. Boston University has several suggestions for creating one.
Tip #2: Change Passwords Regularly
Passwords for your website and social media platforms do not fall under the “set it and forget it” category. While it’s easy to get into this habit, make changing it up every so often a priority by setting calendar reminders.
There really isn’t a consensus as to how often passwords should be reset. While some professionals may recommend doing so every or every other month, others say that it’s more beneficial to change passwords only two to three times per year. You will know what works best for your situation. Password changes should also occur anytime there is a security breach, after a team member who had access to the information leaves the business, or there is a malware threat.
Tip #3: Utilize Two-Factor Authentication
Most platforms today will give users the option to employ two-factor authentication (2FA) as an extra layer of security. 2FA requires that you know more than just a password to gain access to a site. For example, you can set it up so that anytime someone tries to log in to your platforms, you receive a text message or email to confirm that it is a trusted individual.
A common example of 2FA in everyday life is an ATM. ATMs require that you have your card, as well as know the PIN to access your bank account. If you can successfully present these two items, you can gain access to your funds.
This is the same principle behind 2FA online. There can be difficulties when passwords are shared with multiple employees, but this comes along with increased security. And when you get an alert that someone is trying to log in and that person is not on your team, you know it’s time to change passwords.
Remembering Your Passwords
While it’s all well and good to have strong passwords and added layers of security, there comes a problem when passwords are hard to remember and you’re constantly having to reset them in order to log in.
One technique is to take a common phrase and turn it into an acronym with a few memorable numbers and symbols added in. Another might be to keep passwords in a document hidden deep within your files (although then it becomes a matter of remembering where that file is).
There are also several tools that you can use that will remember sensitive information for you. A common example is 1Password. This program allows you to share many different passwords and usernames among team members, and is extremely secure. The only thing you have to remember is the master password to get into your account.
Setting up a password that is secure and easy to use can be difficult, but it’s also an incredibly important step in establishing site security. Concerned about the safety of your own site? Call Vervology today for a consultation.