Post-RH-Global Learning Systems

It’s 2020, and if you’re not using a password manager, you either don’t use technology or you are using unsecure passwords.

(Or you meticulously manage and guard a piece of paper… more on this later.)

Here are some quick and simple steps to ensure your accounts remain your accounts.
  1. Do not ever share your credentials with anyone. Ever. 
    • No legitimate organization, provider, or even your employer or IT department, should ever ask for or need this from you. Those who need access already have it without your personal password.
  2. If you need to give your sibling/parent/friend access to something personal, set up a new password for them and then change it the moment they are finished.
  3. Always use a new, unique password for Every. Single. Account. 
    • If you do not, then when 1 is compromised, all will fall.
  4. Always use a password at least 20 characters long (or the maximum number allowed).
  5. Longer is stronger than using characters and cryptic looking nonsense.
  6. Asir84^&isheW is less strong than MypinkfishEatsmackandcheese.
  7. Never use words/phrases/numbers that can be easily assigned to you
    • Birthdates, anniversaries, pet names, significant other, family names, etc.
  8. If it can be found on social media, it should not be in your password or “secret” questions
  9. Always use Multi-Factor Authentication where available.
  10. You do NOT need to constantly change passwords if you’re following the rest of these steps.
  11. Do use a password manager (see below).
  12. Do not save passwords in your browser.  A browser is NOT a secure password manager.
  13. NEVER store passwords in plain text on your computer.

If you use a password manager, use one of the established, trusted providers.  Paid versions are worth the money and have a higher level of protection.  And for the love of your sanity, please follow all the suggestions above in picking a master password.

For those who still write down passwords, remember to treat this like hard cash money. If you wouldn’t put a few thousand in cash somewhere, don’t put your password list there, or it will vanish just as quickly and likely result in more loss.

Author:
Robert Hodges
Global Learning Systems


 

Forsyte I.T. Solutions and Global Learning Systems understand that cybersecurity education is a critical step in protecting your people and data. We partner to generate awareness and keep organizations safe. If you would like to learn more about the educational benefits Global Learning Systems can drive for your organization, please reach out to Robert Hodges at rhodges@globallearningsystems.com.

 
FREE GLS Resources to leverage this month:

Robert Hodges is a 15-year cybersecurity industry veteran, currently leading Business Development at Global Learning Systems, a top Gartner ranked provider of enterprise security awareness and compliance training solutions worldwide.  

Read more about tools and tips for instituting better cybersecurity solutions

– Azure AD Password Protection

– Azure AD Password Reset

– Password Sync vs. ADFS

Connect with us on social to see recent news and industry updates.
Comments are closed.