Most small business owners recognise the importance of having passwords to control access to information on computers, servers, mobile phones and other infrastructure (e.g. alarm systems) and online accounts. Selecting robust passwords (and ensuring that employees follow suit) can be a challenge, especially because of the variety of passwords required in people’s personal and professional lives.
It can be tempting to settle for simple passwords that are easy to remember. But the downside is, the weaker the password, the easier it is for hackers and other malcontents to figure it out. So on balance, small business owners are better off observing the saying, ‘better safe than sorry.
Some guidelines small business owners can follow in setting and protecting passwords are:
• Each password should be at least eight characters long, and consist of a combination of letters (lowercase and uppercase), numbers and symbols.
• Configure devices so that after the wrong password has been entered a certain number of times, the user gets locked out.
• Use different passwords for different devices, files or parts of the network, and make sure passwords are shared only on a need to know basis.
• Change passwords periodically (e.g. every four months) so that former employees or criminals who have already breached the business’ security measures do not continue to enjoy access.
• Keep your passwords safe and do not leave them in obvious places that are easily reachable.
• Discourage employees from sharing their passwords with each other For small business owners who think there is too much fear-mongering and they do not have to worry about their passwords, a simple internet search yields numerous websites listing commonly used passwords i.e. Mashable’s 25 worst passwords of 2011.
Small business owners whose passwords are on this and other lists should not delude themselves – failing to change their passwords and upgrade to stronger ones is likely to cause trouble at some point in the future.