2023 is here! As you set your intentions for the year ahead, we recommend you include a solid password cleanup as part of your plan to make this your best and brightest yet.
At GTS Financial, we practice what we preach. We go above and beyond industry standards to ensure the security of your data.
Fun fact, we use enough characters and complexity in each of our passwords that, with current computing technology, it would take 200 million years to crack each one!1
Want to fortify your own data? Read on to learn our 5 best practices for your personal cybersecurity.
1- Change Your Passwords
Periodically changing your passwords is one way to cut off access to anyone who may already be using one of your passwords. A lot of cybersecurity experts suggest changing your passwords every three months. We would stand by this advice if you are in the practice of using fairly simple passwords, using the same password on numerous platforms, entering your passwords on public devices, or if you ever share your passwords on insecure channels. If you use unique, complex passwords for each of your logins (see Tip # 2), you can probably change your cadence of password updates to once or twice per year.
Of course, if you are aware of a data breach, you've been hacked, or were the victim of fraud or theft, you should update all your passwords right away to prevent any further damage.
2- Increase Password Complexity
Take a look at the table below. It might surprise you to see that with current computing technology, a hacker could still crack an 8-digit numerical password instantly. Even if you increase that to 14 numbers (that is nearly 100 trillion number combinations), it would still only take 41 minutes to crack your password. Adding other character types, letters, both upper and lower-case, and symbols can exponentially increase the time it would take for a hacker to gain access to your information.
At GTS Financial, we enforce that staff members have unique, 14-character passwords that include upper and lower-case letters, numbers, and symbols for all logins.
3- Use 2-Factor Authentication
Yes, it is one more step in the process, but using multi-factor authentication whenever it is offered is best practice. Since over 80% of data breaches occur because of weak or stolen passwords, multi-factor authentication adds an additional layer of security to protect your data.2 Even if a password is hacked or even guessed, it would not be enough to provide access to an intruder because you will be the one getting the notification of a login attempt on your personal device.3
4- Do Not Duplicate your Passwords
Gone are the days of using Fido123 for every single one of your passwords. If you are using the same password for multiple platforms, if one experiences a data breach, your information in all your other services are compromised as well. Since there is no way to store hundreds of long and complex passwords in your head, we recommend using a reputable password manager.
5- Vet Your Vendors
As a small business, we get to choose which vendors we work with and where we store information. We take the security of your data very seriously, so before we enter a contract with anyone, we research their cybersecurity practices as well. Many of our clients are small business owners, we hope you are doing the same to protect the integrity of your business and clients as well.
Footnotes and Sources
1. CNBC.com, March, 2022
2. Incognia.com, January, 2023
3. BU.edu, January, 2023