Did you know that password strength goes a long way in protecting against brute-force attacks? To protect the security of your office network, adhere to the following Password Security Best Practices.
Use strict password criteria by avoiding predictable or easily guessed passwords. This includes your date of birth, nickname, pet’s name—or your Social Security number. Most of these info are posted on your Social Network accounts and will make it easy for unauthorized users to attempt to gain access to your account.
Never provide your password in response to an email. Your Information Technology Department will never ask you for your username and password in an email. Should you receive an email asking for this information, it is likely a scam or phishing and should be immediately forwarded to the Network Security Team or Help Desk in your IT Department.
A good way to scramble a password is to switch up the characters as shown below. When the password is scrambled, it will give “login limit exceeded” notifications to users and bots trying to guess your actual password if they guess a word you may have used.
1 = i or l
5 = s or $
8 = b
9 = g or q
0 = o
@ = a
cl = d
rn = m
vv = w
Never share current or reuse old passwords. We know that passwords can be difficult at time to remember but if an unauthorized person can gain access to one of them, many more accounts for which you have the same login could be compromised. Also, at times, a password can be discovered and collected to use at a later time (ie: night, weekends, holidays or vacation) so as not to alert you to their presence.
Keep your passwords and reminders safe and treat them as you would the keys to your vehicle or home. If you must write them down, keep them in a safe place and in a way not easily identified to your account.