We use passwords to log into everything from Gmail to Facebook every day. This creates a great need for people to securely handle passwords, since they contain so much of our personal information. Unfortunately, many simply don’t. In this blog post, we will review ways you can teach your users how to make strong passwords and why good passwords are important. We’ll also show that a good password doesn’t have to be impossible to remember.
Why do I need a strong password?
Many of us probably have that one password that we use for too many different accounts. Perhaps you even use the same password for work and personal use. But what’s wrong with that? If it has numbers, letters, and characters, doesn't that already make it a strong password?
It could very well be. But if reused, we become more vulnerable to cybercrime. Cybercriminals know that many people reuse passwords, so if they manage to break into just one database – such as your local film club – they will try their luck with that password elsewhere. If you happen to use the same password at work and for personal use, then the film club’s poor IT security will have put your work data and your own personal data at risk. Reusing passwords also increases your risk if, for example, you fall victim to phishing. In this case, the cybercriminal will have both your email and password.
Given this scenario, it seems obvious that nobody should reuse passwords, but they still do! Why? Because it is easier than having to remember many, many passwords, which seems impossible.
Use these ideas to make a strong password
To make things a bit easier, we have created a small step-by-step guide on how to make strong passwords that are also easy to remember.
Voila! And you have created a strong password that is possible to remember. Of course, this password must not be reused. A good tip for using it in several places is to insert something in the password that matches the website for which it’s being used. For example, you could insert ‘FB’ before the last character if you’re using it on Facebook, or ‘GM’ for Gmail. So, the password could look something like this:
Facebook: ILov3ToSai1FB!
Gmail: ILov3ToSai1GM!
With this system, you can handle passwords more securely while still being able to remember them. It’s also a really good idea to come up with one sentence for work-related logins and another for private logins, as it is always good practice to keep those separate.
Consider using a password manager
Even though the above technique is a good way to create strong passwords you can remember, it can still be difficult to remember 20 different passwords to 20 different systems. Luckily, password managers can be your friend here. Password managers can help you store and manage your company's passwords. With a password manager, your employees only need to remember one single master password. It also makes it possible for your cyber security team to keep track of the strength of passwords used across your whole organisation.
Good passwords are just one part of a strong cybersecurity culture
Your team’s knowledge and diligence are crucial for your cybersecurity. CyberPilot offers awareness training, which trains employees in cybersecurity and good data processing. With our awareness training, you will achieve a higher level of security, a stronger security culture, and a good foundation for compliance with the GDPR.
Further reading: What is malware and how do you prevent it?