Brand Thinking
Trending Topics
Advertising App of the Week Blogging Branding Design Digital Cookbook Facebook Google Information Design Innovation Legal Industry Marketing Mobile Mobile apps On Branding Online Advertising Online Communications On Technology Professional Services SEO Site of the Week Site Usability Social Media Social Networking Thought Leadership Twitter Video Web Design Web Development website designBrand Thinking Blog
Recent Posts
-
Password Security
Posted on July 20, 2012 at 10:57 am
We dealt with a recent security breach where passwords played a role. After the cleanup was over, we conducted a comprehensive audit of all known client passwords and logins. Passwords should be replaced at least once every 90 to 120 days. We found a disturbing number of passwords had NEVER been changed.
Often, passwords are issued in an initial format or as a default, something like “password” or “12345.” These are easy to remember, perfect for new clients, but they are far from being secure. As the account holder, you need to change those passwords quickly.
Everyone wants a short password they can easily remember, but these are, unfortunately, easy to compromise. We recommend creating a long password with mixed cases, letters and numbers. We can even recommend a site if you need help generating one:
http://strongpasswordgenerator.com/
Transmission of passwords is another problematic area. You should never email a password unless absolutely necessary. If you do, you need to immediately change that password once the reason for its transmission has passed. Instant messaging or chatting is supposedly safer than email, but again, if you transmit your password electronically, you leave yourself open to being compromised. Phoning or telling people directly are the safest methods for sharing passwords. Hard copy within the office is also acceptable, assuming you trust the recipients.
Whenever there is turnover at your office or staff changes on a project, you should promptly replace whatever passwords were being used. It may be a pain, but it’s the smart thing to do. Sharing a single password in an office is common too, but a single login/password for many employees is a security breach waiting to happen
The right password system can make the difference between a secure website and getting hacked. Don’t take your passwords lightly.
Write a comment
