You’ve probably heard the news that Russian criminals stole 1.2 billion passwords, all for the business of sending out spam. While none of ERGOS’s systems, or Office 365, were compromised, we’ve seen some of our client’s personal email accounts get hacked. We want to help you lock down your passwords with some simple recommendations.
ERGOS’s Password Recommendations:
Maintain unique, reasonably complex passwords
Use a variety of letters and numbers, avoiding words you can find in the dictionary or obvious number sequences like 1234. Make sure they are least 8 characters—it’s even better if they are more like 12.
Change passwords regularly
Every 30-90 days, change important passwords to something unique, as outlined in the first recommendation. Don’t fall prey to the temptation of using the same password on every site. We recommend setting a calendar reminder on your computer or phone so you don’t forget.
Review your settings
Nearly every email client has a settings page that we encourage you to review every so often (you probably haven’t visited the page since you set up your email account). Look at things like mail forwarding, as one of our engineers discovered that a compromised client had their mail forwarding to somewhere in Russia.
Use two-factor authentication
Many popular online systems offer two-factor authentication. Two-factor authentication means “something you know” (like a password) and “something you have,” like a smartphone. In other words, someone can’t login to your email account from just any device, it needs to be your device (that you’ve authenticated, and proven to be yours) plus your password. Office 365 offers 2 factor authentication.
Use a password manager
So now you’re thinking “But how am I supposed to keep track of all these unique passwords that I change all the time?” The answer is a password manager. Services like LastPass or 1Password store and encrypt your passwords for you, so you’ll never forget a password again or have to write your password on an insecure post-it.
Have any other security tips? Leave a comment and let us know. We are always happy to help get your office more secure.