Skip to content

Password Do's and Don'ts: 12 Smart Password Practices

What are the best practices for savvy password management enterprise?

With the business world heavily reliant on digitalization in this day and age, the use of technology in your organization is unavoidable. Although technology can undeniably give your business an advantage in increasingly competitive markets, there are many troublesome areas to keep an eye on. This is why interest in cybersecurity has risen in recent years. A good place to start is enterprise password management.

What Are 12 Password Best Practices?

Password protection is the best place to start when it comes to if you want to ramp up your cybersecurity. Setting a password to secure an entity’s data is called password protection. Only those who know the set password can access information or accounts once data is password-protected. However, because of the frequent use of passwords, people tend to overlook their significance and make careless mistakes, which could lead to serious breaches in security.

This makes it imperative for businesses to devise strategies to educate employees about best practices when using passwords. First, here are 6 password "don'ts" that you want to avoid in order to protect the confidentiality of your passwords. 

password protection6 Password "Don'ts"

  1. Don’t write passwords on sticky notes

Although you may feel that writing down passwords helps you to remember them and makes it more difficult for someone to steal your passwords online, it makes it far easier for someone to steal your passwords locally. It may feel like you are improving your password protection by writing it down, but you are putting it more at risk. 

  1. Don’t save passwords to your browser

Ignore the pop-up message, do not allow your web-browser to store your passwords! This is because web browsers are terrible at protecting passwords and other sensitive information like your name and credit card number. Web browsers can easily be compromised and a wide range of malware, browser extensions, and software can extract sensitive data from them. 

  1. Don’t iterate your password (for example, PowerWalker1 to PowerWalker2)

Although this is a common practice among digital users, it is unlikely to protect against sophisticated cyberthreats. You may think changing one or two things about a previous password is sufficient enough, but hackers have become far too intelligent and can crack iterated passwords in the blink of an eye.

  1. Don’t use the same password across multiple accounts

If you do so, you are handing cybercriminals a golden opportunity to exploit all your accounts. In other words, if they have one they have them all. 

  1. Don’t capitalize the first letter of your password to meet the “one capitalized letter” requirement

Out of habit, most of us tend to capitalize the first letter of our passwords to conform with the "one capitalized letter" requirement. However, hackers are aware of this, making it easy for them to guess the capitalized letter's position. 

  1. Don’t use “!” to conform with the symbol requirement

Try and avoid this common symbol, however, if you must use it, don’t place it at the end of your password. Placing it anywhere else in the sequence makes your password more secure.

6 Password "Do's"

Now that you have an idea of the practices that are a threat to the confidentiality of your passwords, what should you do? Follow these six password "do's" to ensure the safety of your passwords: 

  1. Create long, phrase-based passwords that exchange letters for numbers and symbols

For instance, if you choose "Honey, I shrunk the kids," write it as "h0ney1$hrunkth3k!d$." This makes your password harder for hackers to crack.

  1. Change critical passwords every three months

Passwords protecting sensitive data must be handled with caution because there is a lot at stake if they are compromised. If you use a password for a long time, hackers may have enough time to crack it. Therefore, make sure you change your critical passwords every three months.

  1. Change less critical passwords every six months

This necessitates determining which password is crucial and which is not. In any case, regardless of their criticality, changing your passwords every few months is a good practice.

  1. Use multifactor authentication

It’s your responsibility to do everything in your power to keep nefarious cybercriminals at bay. One of the best approaches is to barricade them with multiple layers of authentication.

  1. Always use passwords that are longer than eight characters and include numbers, letters and symbols

The more complicated things are for hackers, the better.

  1. Use a password manager

A password manager can relieve the burden of remembering a long list of passwords, freeing up time for more productive tasks.

Looking for More Helpful Enterprise Password Management Tips?

If you're looking for help with enterprise password management, the Data Networks team can help! Adhering to password best practices requires constant vigilance and effort on your part. As a result, it is best to work with an expert managed service provider (MSP) like us who can help you boost your security and put your mind at ease.