Password Best Practices

Website hacking is a growing concern on the internet, especially as it relates to password vulnerability. When this happens, not only can it damage your brand (if you site is taken down, or displays unintended information), it can cost you financially to recover.

The good news is that many hacks can be easily avoided by using some best practices when managing the passwords relevant to your site.

Here are the top 4 items we consider mandatory:

1. Do NOT use a common language password (ex: “password”, “flowers”, “business name1234” etc). Use random strings. A great tool for generating passwords is free and can be found online here.

If you do one thing on this list, practice the use of random string passwords.

2. Change your password at least every quarter. Even passwords that are hard to guess, overtime they tend to change hands, typically over email, non-secure chats, etc. Changing your password frequently limits the risks from password sharing. (Tip – Make a recurring calendar invite to yourself as a reminder)

3. If you have to share your password, don’t send it over a non-secure email, and after the person you shared it with is done, change your password!

4. Secure where you store your password. If you store it on your computer, make sure your computer is password protected. There also several web-based password management tools out there you might want to consider. Lifehacker has a decent collection here that you can check out.

While there are several other measures to be taken to minimize security risks your business has online, these items are measures you can do yourself that don’t incur any cost, are easy to implement, and can prevent a majority of common hacks.