3 Foundational Cybersecurity Habits
Foundational cybersecurity habits continue to be essential to our daily lives. This is the first part in a three-part series on creating foundational cybersecurity habits.
With another year coming to a close, one constant is that social engineering and cybersecurity threats keep evolving year after year. Although these attacks may grow in sophistication and frequency, the majority of them can be eliminated by following simple cybersecurity basics. To help with rolling out this new year, this series will go over 3 Foundational Cybersecurity Habits.
Create Strong Passphrases
The first foundational habit is creating a strong password. Having a strong password is truly the backbone of keeping your data secure. If people are unable to access your files, data, and accounts, then the chances of you becoming a cyber-victim drastically decrease.
So what is considered a strong password? Most experts are saying you need to increase the length of your password to 12-15 characters. This is for good reason. The longer your password is, the longer it takes, and the harder it is, for a cyber-criminal to crack. On the plus side, you shouldn’t have to change this lengthy password as frequently.
To help with creating a strong password, here are our four helpful hints:
Use a passphrase.
Instead of picking some kind of sequence on your keyboard, or combining a family member’s name and date of birth, create a passphrase. Just a simple phrase, that’s easy for you to remember, but difficult for someone to guess. Let’s say you love chocolate ice cream, maybe something like ‘Ch0c0lateIceCream!’. If you love the movie The Jungle Book, maybe ‘B3@rNecessities’. Both examples are 15 or more characters long, but would be relatively easy for you to remember.
Some will try to say that swapping out numbers or symbols for letters is easy to crack, because it’s known as “leet” speak and common in the tech world. Or they will say using common words is easy to crack through something known as a dictionary attack. But the goal here is to reduce the risk. The most secure password would be a completely randomized sequence of 15 or more numbers, upper/lowercase letters, and symbols. But then remembering that becomes incredibly difficult.
With a passphrase, you are adding all of those essential elements – 15 or more characters, numbers, upper/lowercase letters, and symbols – but putting them together in a way that is easy to remember and recall. These passwords would be very difficult for an individual to guess and would take several years for a supercomputer to crack.
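How a password audit or strength meter handles the "leet" and dictionary-word concerns raised above, as an added example that is not from the original article: it maps common substitutions back to letters, checks whether the result splits into dictionary words, and gives a rough estimate of the guessing space. The word list, the 20,000-word dictionary size and the one extra bit per word for substitutions are assumptions made for illustration.

```python
import math

# Constructed sample word list; a real audit would load a large dictionary.
WORDS = {"chocolate", "ice", "cream", "bear", "necessities", "jungle", "book"}
# Common "leet" substitutions mapped back to letters (illustrative subset).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s"})
ASSUMED_DICT_SIZE = 20_000   # assumption: size of a common-word list
PRINTABLE = 95               # printable ASCII characters


def dictionary_words(password):
    """Return the dictionary words the password reduces to, or None."""
    # Undo leet substitutions, then drop anything that is still not a letter.
    text = "".join(c for c in password.lower().translate(LEET) if c.isalpha())
    # Word-break DP: best[i] holds a segmentation of text[:i], if one exists.
    best = [None] * (len(text) + 1)
    best[0] = []
    for end in range(1, len(text) + 1):
        for start in range(end):
            if best[start] is not None and text[start:end] in WORDS:
                best[end] = best[start] + [text[start:end]]
                break
    return best[len(text)] if text else None


def estimated_bits(password):
    """Rough guessing-space estimate in bits (an estimate, not a guarantee)."""
    words = dictionary_words(password)
    if words:
        # One choice per word, plus an assumed ~1 bit per word for a
        # leet or capitalisation variant.
        return len(words) * (math.log2(ASSUMED_DICT_SIZE) + 1)
    # No dictionary structure found: treat every character as random.
    return len(password) * math.log2(PRINTABLE)


if __name__ == "__main__":
    # The two passphrases from the article plus a constructed random string.
    for pw in ("Ch0c0lateIceCream!", "B3@rNecessities", "q7#Lz!pV2m@Xw9K"):
        print(pw, dictionary_words(pw), round(estimated_bits(pw), 1))
```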
Have multiple passphrases.
Create a few passphrases to avoid using the same one over and over again. The more frequently you use a passphrase, the higher the chances of it getting leaked through a data breach. Utilizing multiple passphrases can help minimize the impact of a potential breach, while still being relatively easy to remember.
Change Passphrases Annually.
Experts say that a complex, 15-character password (or passphrase in this case) is extremely safe for at least a year. But at some point, these passphrases need to be updated; there just has to be some kind of balance. If you change them too frequently, you will fall back into old bad habits of creating some kind of pattern that is easy to remember. If you wait too long to change them, they will eventually get leaked or cracked, making you vulnerable.
When using the passphrase method we recommend, a safe compromise is roughly a year. So set a date in the calendar, like New Year's Day, and just create a new batch of passphrases to use for the next year.
Have you been compromised?
The final hint for protecting passphrases is to make sure you haven’t been a part of a data breach. There are several free sites like Have I Been Pwned that help with this. Since most accounts we create are tied to an email address, if your account is a part of a data breach, your email is usually tied to the data that was stolen. On this free site, you can simply enter your email address, and it cross-checks that address against known data breaches.
If you have been a part of a breach, don’t be alarmed. Almost all of us will have an account get compromised at some point. Just be sure to update your passphrase, and keep an eye on potential fraudulent activity tied to that account.
If you have any questions, or would like some additional advice on how you can build on your foundational habits, please CONTACT US. We are always happy to help!