October 2015
e-Bulletin

Accredited Business News
"Password" is Not a Password

Believe it or not, the most frequently used password is 123456. Where do we keep that password? It is most commonly found on a sticky note under our desk. Yup!

Let’s face it, everyone hates passwords. We have too many of them; we can’t remember them. In today’s online world, they are a fact of life – an important fact of life. If you’re not managing your passwords carefully, you may be putting your privacy and your business at risk.

So, what does a secure password look like? There’s plenty of advice written on creating safer passwords. In general, a password should not be a dictionary word (in any language). It should include both uppercase and lowercase letters and a special character or two. The safest passwords are a minimum of 8 characters in length.

Businesses should have a written password policy that staff understand and are required to follow. It should define secure and unsecured passwords, sharing rules, and detail the protocol for changing passwords. Key issues include:

  1. Minimum password length.
  2. Password composition. Character requirements and allowances as well as capitals/lowercase, numbers, special characters. It should define that your name and the company name are not allowed.
  3. The frequency with which passwords should be changed.
  4. How passwords should be stored (or not be stored). Passwords are not to be written down. They must be memorized or kept in a password manager.
  5. Reuse of passwords. Do not use the same password at work that you use in any other account.
  6. Sharing and transferring. Passwords should not be shared without proper authorization. If sharing is required, establish criteria.
  7. Electronic transmission. No transmission over insecure networks or communication.
  8. Requirements for Administrators. Their permission level and power to control others should be clearly defined. It should also be made clear how they are held accountable in the event of a breach.
  9. Enforcement. Establish and maintain roles, responsibilities, consequences and sanctions.
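
The length and composition rules above can be enforced automatically when a password is set. The following is an added example, not part of the original bulletin; the word list, the function name and the sample user and company names are constructed for illustration.

```python
# Added example: checks a candidate password against the rules in this article.
# DICTIONARY is a constructed stand-in; a real deployment would load a full word list.
COMMON_PASSWORDS = {"123456", "password"}  # the two passwords the article names
DICTIONARY = {"sunshine", "dragon", "welcome", "monkey"}  # constructed sample
MIN_LENGTH = 8  # minimum length given in the article


def check_password(password, user_name, company_name, dictionary=DICTIONARY):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    lowered = password.lower()

    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("needs uppercase and lowercase")
    if all(c.isalnum() for c in password):
        problems.append("needs special character")
    if lowered in COMMON_PASSWORDS:
        problems.append("commonly used")

    # Drop digits and symbols so a decorated word such as "Welcome1!" is still caught.
    core = "".join(c for c in lowered if c.isalpha())
    if core in dictionary:
        problems.append("dictionary word")

    # Reject passwords built around the user's name or the company name.
    for label, value in (("user name", user_name), ("company name", company_name)):
        parts = "".join(c if c.isalnum() else " " for c in value.lower()).split()
        if any(len(part) >= 3 and part in lowered for part in parts):
            problems.append("contains " + label)

    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("123456", "Welcome1!", "AcmeRocks#2015", "tR4il-m0ss*Quay"):
        print(candidate, "->", check_password(candidate, "Jane Doe", "Acme Ltd") or "OK")
```

A check like this covers only items 1 and 2 of the list; storage, reuse, sharing and enforcement still depend on the written policy and on a password manager.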

It’s your network password, your online banking password, your Facebook password, the passwords your employees use, and the list goes on. Build them carefully. Protect yourself and your business.

e-Bulletin is issued by Better Business Bureau to its accredited businesses, their employees and subscribers monthly. Reference to or mention of any company, product or service is not to be interpreted, per se, as statements derogatory of such company, product or service, but as information from sources believed to be reliable, for the confidential use of the aforementioned accredited businesses, their employees and subscribers.

(SOME CONTENTS MAY BE REPRODUCED WITH PERMISSION AND ATTRIBUTION)
Copyright © 2015
