
Password Security & Best Practices – A Refresher – Security




As more and more of us return to the office, it’s a good
time to revisit the passwords you use. It is therefore
timely that the U.S. Department of Health and Human Services,
Health Sector Cybersecurity Coordination Center (“HC3”)
recently published a set of password security suggestions and
best practices. Here are some of HC3’s key takeaways:

  • Use multi-factor authentication when possible.

  • Use different passwords for different accounts.

  • Make passwords that are hard to guess, but easy to remember.

    • To make passwords easier to remember, use sentences or phrases.
      Example: “pineappleonpizzaistasty”;

    • Hackers will use dictionaries of words and commonly used
      passwords to guess your password. Avoid single words, or a word
      preceded or followed by a single number (e.g., Password1);

    • Do not use passwords that are based on personal information
      that can be easily accessed or guessed (e.g., birthdays,
      children’s or pet’s names, car model, etc.);

    • Length over complexity:

      • The longer a password is, the better. Use the longest password
        or passphrase permissible by each password system.


    • But complexity still matters:

      • To increase complexity, include upper- and lower-case letters,
        numbers, and special characters. Example:
        “pin3appl30nPizzaI$Ta$ty”.


    • Never reveal your passwords to others.


  • Password management tools, or password vaults, are a great way
    to organize your passwords.

  • Enable “Show Password” where possible.

    • It is unlikely that the person behind you is going to record
      your password data, so there is little reason to hide your
      password as you type. You are more likely to make mistakes in
      typing if you cannot see the characters, and mistakenly think you
      have forgotten your password. This error leads to potential data
      exposure every time you need to reset your password.


  • Store Securely:

    • Not on a Post-It under your keyboard.


To view Foley Hoag’s Security, Privacy and The Law Blog please click here

The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
