Best Practices for Strong Passwords

“Security researchers from Cybernews say they have uncovered what appears to be the biggest collection of stolen and leaked credentials ever seen on the BreachForums criminal underground forum. Containing what is said to be an astonishing 9,948,575,739 unique passwords…”
Read this article at Forbes >

In light of this, we wanted to provide this reminder that updating your passwords on a regular basis is strongly recommended. Additionally, be sure to follow rules for strong passwords:

1. A strong password should be at least 12 characters long, but 14 or more is better. Shorter passwords can be cracked quickly using brute force attacks.

2. Use a combination of uppercase and lowercase letters, numbers, and symbols. Avoid using real words, or names of people, places, or things. Instead, try using a memorable phrase, like "3GoldensRGr8^"

3. Don't reuse passwords across different accounts or devices. Use a unique password for every single account.

4. Don’t save files of passwords on your computer! Businesses are notorious for saving files containing all of their employee passwords on devices. This single file being exploited would be hugely problematic for any company.

5. Don’t enter your password into anything other than the legitimate login page for whatever app or website you are using. Spoofing and phishing attacks are all too common, with the goal of getting you to hand over your credentials. If you’re ever unsure, don’t do it. Contact your IT provider first.

6. Extra credit - use multi-factor authentication whenever possible!