Password Security


We’ve all heard about the importance of password security, and to be honest you probably think “yeah, I could be more secure but nothing’s happened yet so I’ll do it when I get time” and it becomes another thing added to your todo list that never really climbs to the top so it sits. Chances are, this is what you’ve done and I know that because this was what I used to do. Every time there was a breach somewhere, like the Capitol One breach a couple of years ago, I’d add it to my mental checklist but would never actually get around to doing anything about it.

So if you have gotten by to date, kudos on the luck. If you have been subject to a hack or another company’s breach, chances are you’ve at least updated those passwords but hopefully you’ve updated them all. However, let’s take a look at why it’s important to update your passwords to be secure, and how you can manage them personally and professionally to make your life a lot more secure and even better, easier!

First, let’s look at the reason you should have a secure password. Bottom line, you want it to be harder to hack. If your password can be guessed, it is most definitely not secure enough (so no kids names, birthdays, pets, etc). The more complex, the harder the password is to hack, make sense right. This chart shows how fast a hacker can actually access your password based on the difficulty.

Now, you may look at this and ask what a brute force attack is. This is a fairly common hacking attack where they run a program that very very quickly attempts several password combinations. As you can see, a password such as “clown” will be detected instantly and the hacker will have access to your account. To give yourself a solid level of security, you want to include lowercase, uppercase, numbers and symbols and you want the password to be as long as possible. Additionally, you don’t want to use the same password for different accounts because once a hacker identifies that password they will attempt to use that password anywhere they can.

So how do you keep track of all these elaborate passwords? This is where a password manager comes in. Password managers can be very useful in generating new secure passwords. More importantly, they will keep your passwords stored so that you only have to remember one password (for the password manager itself), and save you from having to type each password anytime you want to log in. There are many options for password managers out there, but I have had great success with two in particular.

Personally, my family uses LastPass. This has been great for us because we can organize our passwords by folder whether that be function (social, financial, etc) or person (Travis, kids, etc). It generates passwords that meet all the security features mentioned above. One feature we really like is that we can share a password without actually sharing the password. For example, if the kids need the Netflix password we have the option to share it with them and they won’t be able to view the password, but they can use LastPass to log into the account. This extra level of security is something that we really appreciate. They also have a great app so that even if I am logging in on my phone, it is very easy to access all the passwords with a couple clicks.

Professionally, we have implemented Bitwarden as our office password management system. Their system also generates passwords and stores them. We are able to add passwords to folders and then share those folders among our entire team. When someone leaves the company, or doesn’t need access to a folder, a few clicks and access can quickly and easily be revoked.

All this may sound simple, and that’s because it is. Really, the cost and the time involved in setting up a secure password manager and secure passwords is minimal. However, the cost involved with not spending that time can be very high both monetarily and in your time. So make the decision to move updating your passwords from the bottom of that todo list to the top and rest easy knowing you are safe and secure.