Elements of a Secure Password

Elements of a Secure Password

Successful hacking attempts almost always (81 percent of the time) succeed thanks to a compromised password. That means that creating and maintaining secure passwords is critical to maintaining the security of your website.

Creating short, simple passwords is tempting when you just want easy access to your website. Needing to remember many passwords for each of your online accounts can also make it difficult to commit to a secure password.

However, you don't have to do it alone. Here is a look at the elements of a strong password, and how your website support company can make strong passwords easier to manage.

Secure passwords are complex.

Brute force attacks consist of rapidly trying many different passwords to find the right one to access an account. These attacks are much less likely to be successful if the password you choose is complex.

Password complexity consists of the following:

  • Length
    The ideal length of a password is not firmly established, but most experts agree that it should be at least 12-16 characters long. A good password could be much longer.
  • Numbers
    A password should contain at least one number.
  • Special characters
    A password should contain at least one special character. Spaces may even qualify as a special character, depending upon how the website's security protocols are constructed.
  • Capital letters
    A password should contain at least one capital letter.
  • Randomness
    Your password should not contain personal information. For example, avoid using the names of family members, pets, important dates, or other identifying information. You may even want to avoid using words and phrases at all.

People often avoid creating complex passwords because they are more difficult to remember and may take longer to enter when trying to gain access.

You can encourage your team to create more secure passwords with help from your website support. These professionals can build requirements into the password creation process for your website.

For example, you can require any password to be a certain number of characters or to include a certain number of letters and special characters. Anyone who wants to create a password, then, must create a secure one.

Work with your website development and support professionals to determine the requirements that will work best for your company's password needs, and then build those requirements into the fabric of your website.

A secure password includes multi-factor authentication.

A password is easy to hack if someone gains access to the username and password. That is why adding multi-factor authentication can make the sign-in process more secure.

 Multi-factor authentication requires the user to verify their identity in two different ways, using a combination of something they know, something they have, and/or something they are.

 Usually, the process includes a password (Something they know) combined with biometric verification (e.g. a fingerprint) or the use of a one-time password (OTP) delivered to something they have, such as a smartphone.

 For example, you may enter your website password, and then receive an SMS message to your smartphone with an OTP. You enter the OTP into the website to receive access.

 Multi-factor authentication is easy to use and doesn't usually add more than a few seconds to the login process. Your website developer can help you implement it, and your web support team can help you maintain and troubleshoot it for a simple way to boost your website security.

A secure password changes frequently.

Even a complex password supplemented with multi-factor authentication is susceptible to hacking if it never changes

Frequently changing your password reduces the chances that a hacker can gain access even if they get into your saved passwords, reduces the amount of time a hacker has access to your account if they do guess your password, and makes it more difficult for hackers to use certain methods to discover your password.

Most experts agree that you should change your passwords at least every 90 days, although you may wish to change them every 30 or 60 days instead.

You can make frequent password updates easier with the help of professional website support. The company you hire can help you implement the right protocols for password updates, as well as ensure compliance with these updates, in order to keep your website secure.

A secure password is securely stored.   

It does not matter how complex a password is if it is written down on a piece of paper and shoved in a drawer or saved in a document on the cloud or computer. All a hacker has to do is obtain the piece of paper or access the right online document to gain access to your website.

However, complex passwords are also more difficult to remember and are therefore more likely to be written down somewhere for easy access.

The best approach to keeping your password securely stored is to use a password manager.

This manager will store all of the passwords for all of your accounts in an encrypted and highly-secure location. You then access the password manager using a separate password.

All you have to do to access all of your passwords is to remember one password. That reduces the temptation to write down your passwords and to reuse passwords

Some password managers can even auto-generate random, complex passwords for your accounts, and provide other services that make managing your passwords easier and more secure.

If you are not sure which password manager to use, your website support company may be able to help guide you toward the one that will work best for your specific needs.

Secure passwords lead to a more secure website. You don't have to rely on your team members to keep your passwords secure. You can implement security measures into the fabric of your website to simplify the process for your staff without compromising on the security of your passwords

Here at Distinct, our web support services include password assistance. Let our developers build password security into your site, and let us help ensure that those passwords remain secure over the long-term.

With the right support, you can create a more secure site and enjoy greater peace of mind. Let us show you how!