It’s my first Zoom meeting of the day and I’m listening to Lance Cottrell, Certified Information Systems Security Professional (CISSP), and renowned internet privacy, anonymity, and cyber security expert.
Lance is talking about cyber security survival training, I’m looking for the one thing I can easily implement to protect myself now.
I’m taking notes , a lot of notes… and then I hear the “one thing” I was looking for!
What is the lowest hanging fruit when it comes to reducing cyber risk?
Passwords. Passwords are the keys to the kingdom. Simple and commonly used passwords enable hackers to easily gain access and take control of a computing device. It’s the reason that two-factor authentication is much more common today. For example, if they email you a link, they text the password.
Regardless, good password hygiene is essential. If you can remember it, it’s not a good password. It should be long and complicated…20+ characters long. Nothing tied to the user personally...no birthdays, no dates, nothing related to work, nothing less than 10 characters, and nothing that’s all letters or numbers. Never use the same password in 2 places.
A good password looks like this… ZC{Vs3ZlaUQcP]&!$S%k
A bad password looks like this… Happy1234
Suddenly, I’m thinking…Whoa, hold on! Are you kidding me?
On the surface, I’m quietly listening but inside I’m rolling my eyes. Of course I want to be cyber protected, but this sounds a little like the pharmaceutical commercials where the side-affects, listed in small print below the ad, sound worse than the disease!
We working people are time-starved to say the least. How will I ever accomplish the “one, unique, 20+ character password per site” protocol?
The speaker continues. It’s as if he read my mind!
“Use a password vault.” He says. There are several good sites out there ( 1Password, Dashlane, LastPass, etc.). With a password vault, you only need the password for the vault. One password that you can keep on paper in a couple of places. Password vaults are built to make compromise as difficult as possible…the entire vault is encrypted to that one big password.
So now I have it…my one big idea for the day.
Next stop, schedule time to engage a password vault!
VANTREO partners with you to make good insurance and risk management decisions. We bring the cyber liability coverage expertise, management coaching, corporate culture training, EPLI expertise and claims advocacy needed to help you protect your organization and its people. We’re happy to help. Just reply here.