Posted by netintegrity

Password Security: When KISS (Keep It Simple Stupid) Does Not Apply

I will use strong passwords
I will use strong passwords
I will use strong passwords
1 w!LL u5e $tr0ng P@ssw0rdz

In this digital age, there is no escaping the use of passwords. They seem to have infiltrated every aspect of our waking lives, both personal and professional, and are the keys that let us in and keep would-be intruders out.

There’s no doubt that most of us wish we could just get away with using one simple, easy-to-remember password for everything (like your beloved pet’s name) and hang on to that same password for years.

But in the case of data security and protecting both your personal and professional information, “keep it simple stupid” is not a smart idea. Here’s why:

While passwords are the simplest and least expensive form of authentication, they are also relatively easy to crack using one of the following popular methods:

• Use of a word list or dictionary program to compare lists of words or character combinations against a password until a match is found.

• Obtaining the password from a sticky note at the person’s workstation or by impersonating IT staff and asking over the phone.

• Guessing the password by obtaining minimal information about the person (e.g. birth date, last 4 digits of mobile number, etc.).

• And the more technologically sophisticated method of using sniffers to read raw data and determine the keystrokes used on a machine.

How to defend yourself (and your business) against password crackers

1. Avoid the use of conventional words that can be found in the dictionary. Even spelling the words backwards or tagging numbers on to the end will not provide adequate defence against the password cracking tools out there.

2. Don’t use personal references. Information such as your name, nickname, family member’s name, pet’s name, phone number, address, etc., is surprisingly easy for a hacker to discover.

3. Aim for length and complexity. The longer a password is, the more difficult it is to crack. It’s typically recommended that passwords be 6 to 9 characters in length. As a general rule, each of the following character sets should be included in every password:

  • uppercase letters such as A, B, C;
  • lowercase letters such as a, b, c;
  • numerals such as 1, 2, 3;
  • special characters such as $, ?, &;
  • alt characters such as µ, £, Æ.

4. Don’t use the same password for multiple accounts — simply because if someone discovers your password, they will have access to EVERYTHING and can wreak havoc on your life.

5. Never share your password with ANYONE, unless it is an authorized system administrator. And even then the password should be given in person — not over the phone or via email.

6. Use extreme caution when writing down passwords. As mentioned above, it’s not wise to leave passwords lounging around your workstation. The best practice is to write down hints for passwords rather than the passwords themselves and keep them on your person or at an external location.

7. Change your passwords on a regular basis. Passwords for online financial accounts should be changed every month, while corporate network passwords should be changed every 3-4 months. As a rule, all passwords should be changed either monthly, quarterly or annually, depending on the sensitivity of the information you are trying to protect.
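
Rules 1 to 3 above can be checked mechanically before a password is accepted. The sketch below is an added example, not code from the original post: the word list, the personal-reference values and the function names are constructed for illustration, and the minimum length is the lower bound of the 6-to-9 range quoted in rule 3.

```python
# Constructed sample data: a tiny stand-in for a real dictionary word list.
SAMPLE_WORDS = {"password", "dragon", "sunshine", "monkey", "welcome"}
MIN_LENGTH = 6  # lower bound of the 6-to-9 range quoted in rule 3
ALL_SETS = {"upper", "lower", "digit", "special", "alt"}


def char_classes(pw):
    """Return which of the five character sets from rule 3 appear in pw."""
    found = set()
    for ch in pw:
        if ord(ch) > 127:          # non-ASCII, e.g. the "alt characters"
            found.add("alt")
        elif ch.isupper():
            found.add("upper")
        elif ch.islower():
            found.add("lower")
        elif ch.isdigit():
            found.add("digit")
        else:                      # ASCII punctuation and spaces
            found.add("special")
    return found


def check_password(pw, personal=(), words=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means pw passes."""
    problems = []
    lowered = pw.lower()
    # Rule 1: dictionary words, including reversed spellings and words
    # with numbers tagged on (digits are stripped from both ends).
    core = lowered.strip("0123456789")
    if core in words or core[::-1] in words:
        problems.append("dictionary word (plain, reversed, or with digits added)")
    # Rule 2: personal references such as names, pet names, phone numbers.
    for item in personal:
        if len(item) >= 3 and item.lower() in lowered:
            problems.append(f"contains personal reference: {item}")
    # Rule 3: length and the five character sets.
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    missing = ALL_SETS - char_classes(pw)
    if missing:
        problems.append("missing character sets: " + ", ".join(sorted(missing)))
    return problems
```

In practice the `words` argument would be loaded from a full dictionary or breached-password list, and `personal` from the account's profile fields.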

Careful attention to password security is especially critical in property management, as your customers are entrusting your organization with both their personal data and financial transactions. So get busy and make sure the passwords you’re using will pass muster!
