An Attorney’s Guide To Safe Passwords
Attorneys often have access to a great deal of confidential information that must be kept secure for clients and colleagues. As many firms are now paperless, important files and documents are often stored electronically, and cybersecurity has become essential. While the need for a secure password may seem obvious, shocking quantities of people have low quality passwords, and reuse the same one on multiple sites. Unfortunately, the use of low quality, unoriginal passwords make you a prime candidate for hackers.
Cyber safety begins with having secure passwords for all accounts or files. There are three primary hacking methods:
- Brute Force: Brute force attacks involve a program that attempts to guess a user’s password by trying various combinations of characters, symbols, and numbers on a keyboard, until finding the correct combination. The best form of protection against a brute force attack is the utilization of a long, complex password. For example, a password that contains letters and numbers, and surpasses 8 characters, will take at least two years to crack.
- Guessing: Many people use passwords that include personal information such as their phone number, birthdate, or child’s name, for example. Passwords that contain personal information are not safe, as these are the types of words or numbers that a hacker, particularly one who is or was close to you, will try first. Beyond obvious personal information, many resort to using common phrases, such as ‘password,’ ‘iloveyou,’ ‘12345678,’ and ‘letmein.’ While passwords such as ‘password’ may seem too obvious for anyone to guess, in reality this isn’t the case. Look here for a complete list of the most commonly used passwords.
- Trusting the wrong person: The most common method of hacking occurs when one trusts the wrong person with their account information. As a general rule, don’t give out your account information, regardless of how much you trust the person in question. If sharing a password is absolutely necessary, be sure to find a new password when the second party no longer requires access.
Creating A Strong Password
The standards of what constitute a strong password are constantly shifting. While once an eight character password was considered acceptable, experts now suggest expanding length even just one character, to nine.
- According to the Georgia Institute of Technology, eight character passwords may be cracked in as few as two hours. While increasing the character count to nine is enough to make a difference, experts suggest the safest character count is twelve. As hacking capabilities continue to increase, twelve character passwords put you a few steps ahead.
- Make sure your password includes an uppercase, lowercase, number, and symbol.
- While passwords shouldn’t contain personal information, you can turn personal information into an acronym, which may then be used as a password. For example, a phrase such as ‘I’ve lived on Maple Street since March 3, 2008’ could be turned into: Ilomss3/Mar,8. Deriving a password from a factual or memorable phrase may make a seemingly complex combination of characters easier to remember.
General Tips For Maintaining Secure Passwords
Don’t repeat passwords: Regardless of how secure a password may appear, repeating passwords on multiple sites or programs is never a good idea. If a hacker manages to gain access to one account, duplicate passwords ensure they will have access to other accounts as well.
Memorize passwords: With so many passwords, memorization may seem like a terrible chore. However, there is little point in developing complex, hack-proof passwords if they are left lying around for prying eyes. If you must have a written copy of your passwords, keep it somewhere inaccessible to others, such as within your wallet. Even better, store them on a password manager. When using a password manager, you only have to memorize one very strong password, which grants you access to the rest of your passwords. Some password managers also offer additional services, such as password generation.
Don’t share passwords with others: Regardless of how much you may trust someone, it’s never a good idea to share passwords. The more people that know a particular password, the weaker the password.
Change passwords periodically: Passwords should be changed every so often, some suggest as often as every 3 months.