3 Atypical Password Practices


A password-free workplace remains an IT ideal far in the future for most businesses.

Jun 11, 2024


Recent studies show that the move to passwordless technology such as biometric authentication is advancing at a steady but slow pace. As many as half of companies confess that, while their organizations have started transitioning, successful completion is more than two years away.

Meanwhile, stolen credentials such as passwords remain pivotal factors in escalating cybercrime. In a recent survey commissioned by Forbes magazine, nearly half of Americans admitted to having a password swiped in the past year.

That’s why, as advocates for co-managed cybersecurity, we strongly recommend developing and administering a strong Password Protection Policy for your small to medium-sized business (SMB) that features a regular cycle of updates.

How often you require users to change passwords depends on multiple considerations. But one area where you can wield considerable influence is education and awareness.

Check out these three atypical practices for creating passwords:

  • Go Long – The SANS Institute recommends at least 15 characters, but cyber simulations show that an 11-character mix of lowercase and uppercase letters, numbers and special characters can vex a hacker for centuries.
  • Get Weird – Try making an acronym out of a phrase that you will easily remember but that would be unfamiliar to others and difficult to guess. Then, spell the acronym phonetically, shifting between cases and characters randomly. Maybe add a misspelling on purpose, too. For example, “I ate too much pie at the fair” could become “i82Mp@tFare” and meet the length standard.
  • Be Uncommon – Security company Sophos researches and publishes a listing of 50 popular passwords cybercrooks are likely to try. Take a moment to check whether your latest clever concoction made the list.
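The three practices above can be turned into a check run when a password is set. The following Python sketch is an added example, not code from this blog or from SANS or Sophos. It assumes one reading of the length guidance (15 characters of any kind, or 11 when all four character classes appear), a constructed five-entry deny-list standing in for a published common-password list, and an assumed rate of 10 billion guesses per second.

```python
import string

# Constructed sample entries; load a published common-password list in practice.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "111111"}

MIN_LENGTH_ANY = 15      # "Go Long": the SANS figure quoted above
MIN_LENGTH_MIXED = 11    # "Go Long": 11 characters when all classes are mixed
SECONDS_PER_YEAR = 31_557_600
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}

def classes_used(password):
    """Return the names of the character classes present in the password."""
    return {name for name, chars in CLASSES.items()
            if any(c in chars for c in password)}

def check_password(password):
    """Return a list of policy failures; an empty list means it passes."""
    failures = []
    if password.lower() in COMMON_PASSWORDS:        # "Be Uncommon"
        failures.append("common")
    if len(password) < MIN_LENGTH_MIXED:
        failures.append("too_short")
    elif (len(password) < MIN_LENGTH_ANY
          and len(classes_used(password)) < len(CLASSES)):
        failures.append("needs_mix")
    return failures

def brute_force_years(password, guesses_per_second=10**10):
    """Whole years to exhaust every string of this length and alphabet.

    The guess rate is an assumption. The result is an exhaustive-search
    ceiling and says nothing about guesses that follow common words or
    substitution patterns.
    """
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return alphabet ** len(password) // (guesses_per_second * SECONDS_PER_YEAR)

if __name__ == "__main__":
    for candidate in ("password", "Password123", "i82Mp@tFare"):
        print(candidate, check_password(candidate), brute_force_years(candidate))
```

Under these assumptions the 11-character example from the list passes all three checks, while "Password123" is rejected for lacking a special character despite having the same length.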

Education should be a cornerstone in your cybersecurity strategy.

