22 October 2019

Creating stronger passwords

Hey there and welcome back to another edition of the Hussey Coding blog.

It is October and thus the spookiest holiday is almost upon us. In recent blogs we have been looking at cybersecurity: what it means, what you need to know and why it's important. In this blog we are going to look at one of the simplest ways you can help keep your stores and sites secure, and yet one of the most overlooked!

That's right, in this blog we will be looking at

Everybody uses passwords these days; it's become one of those facts of life. But are they secure? Are they strong enough to keep people out, or are they so poor that anyone could guess them given enough information? Maybe you are reading this and feeling really confident about your passwords' strength, but what about Dorris in shipping? Or Luke over in online sales? How strong are their passwords? Are they using the same password over and over?
Here is a list of 10 things that you can do or introduce into your company to help keep not just your business safe, but your staff and customers too.

#1 - Size matters!
Create a password that is over 8 characters long. The longer it is, the harder it will be to guess.

#2 - M1x 1t up
Throw in some uppercase and lower case letters but don't just stop there, numbers and symbols are also a gr8 Way 2 sT0p an @ack3r gu3ss1ng Y0ur PassW0rds

#3 - 3's a crowd
Don't bunch up your numbers and symbols, for example Huss3yC0d1ng is much harder to guess than HusseyCoding123!

#4 - It's not personal
Steer clear of using personal information: a pet's name, the favourite place you brag about visiting every weekend, a maiden name etc. Sure, your password needs to be memorable, but that doesn't mean it has to be easy. Also, unlike the example above, try to avoid using company names or references.

#5 - It takes 2 baby!
Two-factor authentication is an amazing little tool in helping keep your business secure and you should use it whenever possible. Two-factor authentication is basically when a site sends you a PIN to input on logging in as well as your password, and it is a feature that Magento supports.
Follow this link for a guide on setting up two-factor authentication by CLOUDWAYS - https://www.cloudways.com/blog/magento-two-factor-authentication/

#6 - Get creative
Use different passwords for different accounts. Yeah, it can be annoying having to remember them all, but having just one password to rule them all is not good security! When your Facebook password is also your admin panel password, all it takes is for someone to get into your Facebook and your whole business is compromised.

#7 - Memories, all alone in the moonlight!
Don't store your passwords, either physically or digitally, as these are easily stolen, lost or passed on to undesired parties, giving hackers easy access to your store and other accounts. However, if you just have too many passwords to remember you can always sign up to a password manager like LastPass, Bitwarden or Keeper, meaning you will only need to remember the one master password while the others are securely stored.

#8 - If you've got it, use it
If you use a mobile device to work from then make sure you secure it with a strong password/number or when possible enable fingerprint or facial recognition.

#9 - Ch-ch-ch-ch-changes
Change your password regularly, especially when people leave your company or a contract ends with third-party providers. A good number of security breaches happen because a disgruntled former employee or someone from a third-party company still has access to sensitive data and decides to take advantage.

#10 - Log out and switch off
Log out of apps and sites when you are done using them. Staying logged in is a great way for hackers to access your accounts. The log out button is there for a reason, so use it.
On the same note, when you are finished with an application don't forget to delete it and remove all permissions you may have granted it, especially on your mobile device. All your gear might be secure, but remember that game you used to play about 6 years ago that you never logged out of? How secure is that now?

Now I know we said this would be a list of 10 things, but because we like you so much and because you stuck with us to the end we're going to throw in a bonus tip.

 - Adopt a password policy
Adopting a password policy for your company will ensure that everyone is on the same page, and that you and everyone else who has access to sensitive data are not reusing old passwords or creating weak ones.
A study performed by the University of Indiana found that making longer, more complicated passwords a requirement almost completely stopped University staff reusing passwords and helped the general security of the University.
Follow the link to read the full article https://news.iu.edu/stories/2018/10/iub/releases/11-stringent-password-policies-prevent-fraud-study.html
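As an added example (not code from Hussey Coding or Magento), here is one way a password policy could enforce tips #1 to #4 and the no-reuse rule automatically. The function names, the leetspeak mapping, the banned-word list and the use of PBKDF2 for the password history are all assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import re

# Assumed leetspeak mapping, undone before searching for banned words.
LEET = str.maketrans("013457@$!", "oieastasi")

def hash_password(password, salt):
    """Salted PBKDF2 digest, so password history is never kept in plain text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(password, banned_words=(), history=()):
    """Return the list of policy violations; an empty list means it passes.

    history holds (salt, digest) pairs for the user's earlier passwords.
    """
    problems = []
    if len(password) <= 8:  # tip 1: over 8 characters
        problems.append("too short")
    # Tip 2: upper case, lower case and at least one number or symbol.
    if not all(re.search(p, password) for p in ("[a-z]", "[A-Z]", "[^A-Za-z]")):
        problems.append("needs upper case, lower case and a number or symbol")
    # Tip 3: letters followed by one trailing clump of numbers/symbols.
    if re.fullmatch(r"[A-Za-z]+[^A-Za-z]+", password):
        problems.append("numbers and symbols bunched at the end")
    # Tip 4: personal or company words, even when disguised by substitutions.
    letters = re.sub("[^a-z]", "", password.lower().translate(LEET))
    for word in banned_words:
        if word.lower() in letters:
            problems.append(f"contains '{word.lower()}'")
    # Bonus tip: no reuse of an old password.
    if any(hmac.compare_digest(hash_password(password, s), d) for s, d in history):
        problems.append("reused")
    return problems

if __name__ == "__main__":
    salt = os.urandom(16)
    history = [(salt, hash_password("HusseyCoding123!", salt))]
    # The first two candidates come from tip 3; the third is constructed.
    for candidate in ("HusseyCoding123!", "Huss3yC0d1ng", "t4Ble!riVer9moss"):
        print(candidate, check_password(candidate, ["Hussey"], history))
```

Both passwords from tip #3 are rejected once the company name is on the banned list, because swapping letters for numbers does not hide the word.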

Thank you for giving us your time today and we hope that this article has helped you and your company get that little bit more secure.
If you have any questions about this article please feel free to leave a comment or contact us using our various details listed below.
We would also like to take this opportunity to remind you of our limited time launch offer of 50% for all clients and developers signing up to our new service www.developerconnection.co.uk.
Thanks again and until next time, stay safe and have a great day.

Want to contact Hussey Coding? Here's how:
You can mail us at info@husseycoding.co.uk
Visit our website at www.husseycoding.co.uk

Or join in all the fun on our social media profiles
Facebook - facebook.com/husseycoding
Twitter - twitter.com/husseycoding
LinkedIn - linkedin.com/company/hussey-coding
We look forward to hearing from you soon.
