Since we re-branded, we’ve been making a real effort to get out and about and speak to a lot more people about what we do. What has been pretty eye-opening is listening to the “guidance” that people give each other about IT…
“I keep all my passwords in a notebook”
Got to say, we were pretty horrified at this admission from someone recently, yet a few other people chimed in with “ooh, what a good idea!”. No, no, no. NO! What’s worse is that this person isn’t just keeping their own passwords written down, but passwords for their clients too.
We manage our social media, our website and all of our admin ourselves (#humblebrag) but if we were outsourcing any of this, we would expect any sensitive information to be kept safe and secure. You know, some kind of encryption and maybe a spot of two-factor authentication. Misplacing someone’s passwords because you wrote them in a notebook is completely inexcusable. Call us dramatic, but you could destroy someone’s business.
Whilst a notebook might not be the top of any self-respecting thief’s shopping list, at some point it’s fairly likely that your super-duper-secure method of password protection might just find itself in your laptop bag. What do you do then if your laptop gets pinched? Or what about if you accidentally leave said notebook behind after working in a coffee shop? We’re going to have nightmares over this scenario.
Yes, complex passwords are annoying. Yes, they are easy to forget. Let’s call a spade a spade, they’re a pain in the arse. But that’s why your devices can suggest and save complex passwords. That’s why services such as KeePass exist. Because keeping your passwords as safe as possible is bloody important.
“I use the same password for everything”
If we had a pound for every time someone has said this to us over the past few years, we could quit this IT support lark and go and live on a (modest) desert island. Even after both of us have bored audiences rigid talking about password security at different events, people still think that using the same password for everything is ok.
And it is. If you’re happy with your email password being hacked which leads to every account you’ve ever opened being compromised and probably ends with your PayPal account being emptied? You crack on. You’ve got this.
However, if you prefer to keep things a tad more secure, come up with a unique password for each of your accounts. Can’t remember them? Use your device or a password manager like KeePass to encrypt them and keep them safe from prying eyes.
(The only exception to this rule is if all the places you’re using the same password use two-factor authentication. We’ll let you off.)
“Complex passwords are annoying and hard to remember”
Yes. Yes, they are. We all have various social media accounts (except for Andy, he’s weird), as well as accounts for email, banking, shopping, even booking hair appointments or whatever. Remembering the unique complex password for everything you ever created an online account for would be impossible. We hear you. But when we’re out and about and hear people telling each other that there’s no point in using complex passwords, we internally scream. This stuff does matter!
If you’ve been paying attention, you can guess what our advice is here: use your device to generate, encrypt and save all those pesky passwords, or use a password manager such as KeePass*. Did you guess we were going to say that? Gold star for you!
If you fancy a quick chat about password security (well, maybe you can’t sleep) then get in touch and we’d be happy to talk through it with you and offer some suggestions.
*Despite frequent mentions, this post is not sponsored by KeePass. We use it, we like it. Plus, it’s free and who doesn’t like free?