Passwords are a fact of life in our digital age. We use them in both our business and personal lives to access everything from important data and financial information to games and social media sites. We’ve all heard of people who are victims of identity theft and the misery that creates. But what if someone accessed your business data? At minimum they could temporarily disrupt your business activities. Worse, they could cause major damage to your credit, financial standing and customer relationships. With this in mind, here are 6 “Dos & Don’ts” to help safeguard your passwords and all of the information they protect.

1. Do create strong passwords. Many of us fall back on easy-to-remember words or phrases for passwords. We use our pet’s names, phone numbers, birthdates, etc. Don’t do it. Criminals can learn these things about you through public records, the information you post on social media sites and even by overhearing conversations. There are software programs that professional crooks use that to quickly attempt thousands of possible passwords to find the key to a site they want to hack. Therefore a secure password should not contain any word that appears in the dictionary. Instead, choose random letter and number combinations and, if a site allows, mix upper and lower case letters with symbols such as !, #, $, or %. Too hard to remember? Then consider using a familiar phrase, a song lyric or movie title. You can then abbreviate it, add numbers and, where allowed use both upper and lower case letters. For example the song lyric, “I’ve got the moves like Jaeger,” becomes igtmlj. Add some numbers: 9igt2mlj, and upper/lowercase letters: 9igT2mlJ and the password gets stronger and stronger.
2. Don’t use the same password twice. Yes, it’s a pain to keep track of multiple passwords, but if someone gets hold of one of yours you may minimize the impact if they can’t use it to access more than one site. The same is true of security words attached to financial accounts or credit cards. And don’t use your mother’s maiden name if you can avoid it. Again, anyone can access birth records. Instead choose an obscure word that means something to you but is not readily associated with you.
3. Do change your passwords periodically. Another annoyance, yes. However, as cyber crooks continue to be more aggressive and have access to better technology it’s wise to keep one step ahead by changing passwords at least once each year. Some highly secure sites actually require you to do so.
4. Do be careful with whom you share your passwords. If you give anyone a password, it should only be a known and trusted individual. It’s unlikely that someone from a reputable organization would contact you and ask for your password, either on the phone or via email. A recent scam involves con artists posing as Microsoft technicians calling to report receiving trouble messages from your computer system. They then ask you for your password and remotely take control of your computer to “fix” the problem. Of course they are really tapping into your financial and other data. If you do share a password with someone, change it as soon as possible.
5. Do always logout of password-protected sites. This is especially true in the workplace or when using a computer in a public setting. If you don’t logout, the next person who uses the computer can go where you have just been and find information that can cause problems for you, for example in your email account.
6. Don’t forget about your mobile devices. All of the above password issues also apply to your mobile phones, tablets and laptops. If one of them is lost or stolen, what would the thief or finder be able to access? Banking information? Email accounts? Maybe even a list of all your passwords? Make sure you password protect your mobile devices and initiate the GPS tracking function if provided.