If you're on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
We all have secrets no one needs to know. I consider myself a red-blooded native Texan, but I'm also a not-so-proud yet enthusiastic devotee of "Married at First Sight: Australia," and, for reasons I still don't quite understand, cried like a baby after watching Richard Linklater's "Boyhood."
While I don't normally volunteer this information, if other people know it -- or somehow figure it out -- the flow of happiness in my life will remain uninterrupted.
The same thing is not true when it comes to my passwords. I have more than 50 password-protected devices and applications -- everything from my iPhone and Chromebook laptop to my mortgage, checking, email, and credit card accounts. If any of those are compromised, the end is nigh.
The stakes are even higher at your small business. Every digital device (aka "endpoint”) connected to your computer network is a potential entry point for bad actors to access confidential information.
Strong passwords are your first and best step toward endpoint security. We'll go over the features of effective passwords and the best practices to create them so you can better protect your small business.
A strong password has two characteristics: It's easy to remember but hard to guess.
The harder part is getting people to do both these things. Instead, because nobody is prepared when a request for yet another new password appears, we rely on the same bad password ideas.
These include using easily guessed passwords such as qwerty or 12345678, reusing passwords, or adding a number to the end of an old password to update it.
The stakes are too high for businesses to use weak passwords:
Even worse, 43% of data breaches occurred at small businesses with an average cost of $150 per stolen record. Poor password management policies undermine the strongest passwords.
Hackers use multiple tactics to crack passwords:
These multiple attack methods highlight the importance of strong passwords and identity management strategies.
Creating passwords is not difficult, but it does require some careful thought to protect your business's data. Follow the password suggestions below to create and maintain the best passwords possible.
The first step in creating strong passwords is to avoid obvious choices by using these password tips:
The blessing and curse of these tips is, while they help you avoid easily discovered passwords, you're left with a pressing question: How are you supposed to create a strong password you can also remember?
Instead of creating your password from a common word or phrase, use a passphrase that employs a combination of unrelated words or characters:
Passphrases work well because they're easy to recall and will thwart most dictionary and brute force attacks.
If you're unsure how strong a potential password is, or are unconvinced different strategies affect its strength, test your passwords. One popular password strength detector rates each of the following passwords based on how long it would take to crack them:
I doubt anyone can guarantee a password is secure for 29 million years; however, the different timeframes here illustrate relative password strength.
A password manager application creates a secure digital repository for encrypted login information for multiple applications, devices, and websites. If you have a network security operations center, a password manager is an essential component.
The best password managers also include features to create passwords and ensure you don't reuse the same password. An online random password generator may appear attractive as a free alternative, but a third-party password generator could have its own security issues you have no control over.
Increase the strength of your passwords with multi-factor authentication (MFA). This security system requires a second piece of information that only you have to complete the login process.
Different authentication factors include:
A typical MFA example is when I log into my bank account. After I submit my password from my laptop, the bank texts a single-use code to my smartphone that I must also enter before accessing my account.
MFA with adaptive authentication uses artificial intelligence (AI) to flag atypical logins and adjust security enforcement policies based on risk level. If a user logs in from a new location or device, for example, adaptive authentication deploys extra authentication factors before providing account access.
The strongest password in the world isn't effective if it's already compromised. A variety of different websites, browser extensions, and applications can provide information about potential password hacks:
You probably have enough already going on in your head without giving your collection of passwords much thought, but a password report like the one below from Google should be a wake-up call.
Passwords are like hot water heaters. Both should work when needed, but you'd like to give them little thought beyond that other than infrequent maintenance. The key things, however, are doing the proper setup and periodic upkeep.
If you don't want to leave your network's protection up to your employees and the passwords they choose, use the best endpoint security software. These applications use a multifaceted approach to secure company data so you can protect confidential information and avoid the costs of a data breach.
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent, a Motley Fool service, does not cover all offers on the market. The Ascent has a dedicated team of editors and analysts focused on personal finance, and they follow the same set of publishing standards and editorial integrity while maintaining professional separation from the analysts and editors on other Motley Fool brands.