Today in the Evolve IT Lab, Lachie and Ben discuss secure username and passwords. We often find that users want to use simple passwords like their first name, last name or their date of birth.
In the past we created passwords that were hard for humans to hack. However, with cybercrime advancing we need to adapt, today we need to create passwords that are hard for robots to hack. Ben recommends that you choose four random words and mash them together (example - beefootballjarglass)
You may also want to consider a password manager like LastPass ENTERPRISE, so that you don't need to remember all of your passwords.
Lachie: Good day guys and welcome back to the "Evolve IT Lab." My name is Lachie and we've got Ben back from SOPHOS. Welcome, Ben.
Ben: Thanks for having me again.
Lachie: Guys, Ben's a cybersecurity expert at SOPHOS and today we're gonna be discussing secure username and passwords and why it's important. So, Ben, a lot of people get upset when they can't have passwords like their first name or "welcomehome1" or "password" or "welcome" or the month that they were born in. Why is a secure password important?
Ben: Absolutely. Well, with the introduction of cloud services and things like that whether it's, you know, OneDrive, SharePoint, Salesforce, that kind of thing, even your emails, having a single password that accesses all of these things is, if it's compromised, essentially they have the keys to the kingdom, they have all of your corporate data. So everything you have access to is now potentially leaked out of the organization.
Lachie: Yeah, right. So we touched on some risks there. If your password does get compromised, what are some of the risks, or what can cybercriminals do with that information?
Ben: Well, they could use it to try to get into other services as well. A lot of people are popular on the reuse of credentials and passwords, so really the possibilities are endless.
Lachie: Yeah, right. So, what's the solution to it? How do you come up with a secure password? Have you got any recommendations on characters, numbers, letters? What's your recommendation?
Ben: Absolutely. So as long as possible. So it's quite easy for a computer to, say break an eight-character password, whether it's got lots of say special characters in them, numbers, capitals, it doesn't really matter anymore. A computer can actually crack that quite easily. So it really comes down to making a password as long as possible so it's harder for a machine to break. So my advice is pick four random words and that's what a lot of security professionals are actually [inaudible 00:01:56] now. So four random words together that make no sense at all, like, yeah, pick anything.
Lachie: Cool. So when we talk about...some people talk about password managers. Well, is there any security risk with a password manager?
Ben: Not really. Again, the password that should be used with the password manager should be unique. You should not use it in any other service whatsoever. If you reuse passwords and that's the password for your password manager, then I have access to everything. But a password manager's a really great step.
Lachie: Great. No worries. Thank you, Ben.
Ben: Thank you.
Lachie: And thank you everyone for watching. We'll see you next time.
HOW EVOLVE IT CAN HELP?
We take great pride in partnering with organisations. Our team specialises in developing customised solutions to help you get the most out of your technology