Setting protections around business operations is always a good idea. But those protections don’t mean anything if someone gets your credentials.
Business owners and executives often rely heavily on their IT leaders and InfoSec personnel to secure business information. While the majority of this does fall under the IT umbrella, it is important to remember that security practices are the responsibility of every single employee. The IT department can put protections in place all day long, but those protections only work when everyone practices good cyber-hygiene, including the use of strong passwords and 2FA.
In the past, we’ve talked about the importance of passwords and that using a password manager is generally a safe practice. We’ve also discussed the various ways to implement two-factor authentication. These discussions didn’t happen just because we think they’re a good idea. These discussions happened because these are incredibly important pieces of security.
To review, strong passwords are important because people are easier to hack than machines. If someone can spend a few weeks getting to know you, they may be able to simply guess your password. By using a phrase that has nothing to do with you and is at least 24 characters is one of the top ways to stop a hacker. The programs they use to decipher passwords take longer to work when passwords are longer because there are exponentially more combinations. Capitals and symbols aren’t as important as the length. Example of a good password: theskyispinkinthemonthofnovember (32 characters, unrelated to anything)
***Click here for full text***