What PR pros need to know about passwords and cybersecurity awareness
By Bre ChamleyJanuary 30, 2022
Around 25% of corporate employees reuse passwords for all of their devices, logins, or accounts. Employees in corporate communications tend to use multiple websites and programs that require a password. While you might justify using the same password for those sites by saying it's better than forgetting them, thinking that way can compromise your personal and professional information.
Audio: Listen to this article.
We are a trusted public relations advisor to cybersecurity companies and organizations seeking helpful expert guidance on corporate communication before, during, and after a cyber attack. We can help you ensure your password remains secure, as long as you remember the five protocols for creating one: choose a long and random password, make it memorable, use multifactor authentication when available, don’t use the same passwords, and use a password manager.
Five Steps to a Secure Password:
- Choose a long and random password.
When deciding on a password, make sure it's around 12-15 characters. If you add many more characters, you may forget part of it. You don’t want a password much shorter, though, because it’s easier for a hacker to guess. You also want to make it random. But not random as in a series of letters and numbers that mean nothing to you. You’ll probably forget that, too. You don’t want to choose your pet or kid’s name as your password, either. Instead, choose a phrase that makes sense to you but truly is random. Some examples are HairSpray, MovieTheatre, and FlannelJacket. Then, you want to customize your phrase. This can be anything from adding numbers to the end, changing an “a” to an @, changing an “E” to a 3, or adding special characters. - Make it memorable.
This goes along with Step 1. The main reason people use weak passwords is so they don’t forget them. So, when you develop your new and more secure passwords, don’t forget to make them memorable to you. You just don’t want to make them memorable to anyone else! - When available, use multifactor authentication.
This isn’t always an option, but use multifactor authentication when you can. Its purpose is to “double-check” that you are the person signing into an account. You have a couple of options for multifactor authentication. You can set your email or phone number to receive a random number to type in after you log into your account. You can also download an authenticator app, which will have a random number for you to plug in that you can access with the app. - Don’t use the same password.
It’s understandably easier to remember a single password over multiple difficult ones. However, it's important to use different passwords so if anyone guesses one, only some of your information or the company’s information is compromised. - Use a password manager.
A password manager is a program where you can generate and store passwords. This is beneficial because it helps create safe passwords and helps you remember them.
To make sure you have a secure password and that you aren’t associated with a data breach, sign up for Have I Been Pwned to monitor your work email address for data breaches and to let you know if you need to change your passwords.
Communication pros like you work from computers, tablets, cellphones, or other internet-connected devices. This means your entire job is available to anyone who can guess your passwords. So, make sure you think twice before using the same password again.
If you're currently experiencing a cybersecurity incident, book a crisis cybersecurity consultation. Not under duress but looking for help communicating about cybersecurity before a cyber attack? We can help you. Book a free cybersecurity consultation.
This post about passwords is number one in a series of eight posts on cybersecurity for strategic communications professionals. Click to view the next post "What PR pros need to know about data handling and cybersecurity awareness" in the series.
Photo by Miguel Á. Padriñán from Pexels
Topics: online public relations, cybersecurity
Comment on This Article