Password Encryption and Security: Best Practices

Password Encryption and Security: Best Practices image encryption and password security resized 600Password Encryption and Security: Best PracticesPassword security is easy, right? These days, programs and sites make you choose a complex password with at least one number, one symbol, one capitalized letter, etc. Besides, sites and programs encrypt all of that information. Right?


Unfortunately, it’s not that easy. Sites and web applications often give their users a false sense of security with their complicated password requirements and SSL encryption claims. In reality, complex password requirements may make it easier for a hacker to guess your password, as it provides them with a strategy for guessing a password based on a site or program’s password requirements and limitations. And encryption offers limited protection—hackers can analyze the encrypted password “hash” from a collected database and effectively reverse passwords from it.

Your business can’t afford the consequences of a data breach. Rather than relying upon the password requirements or encryption of a site or application, your best bet for password security is to create strong passwords and back them with a second layer of security.

Here are some tips for creating strong passwords:

  • Never, ever use the word “Password”, the number sequence “123,” or the name of the program or app in your password. These are very commonly used and, therefore, easy for hackers to guess.
  • Always change the default password that came with a program, device, or site.
  • Change your passwords at least every three months.
  • Get creative. Think of a password that even your best friend or spouse would never come close to guessing.

Beyond Strong Passwords

Creating strong passwords is an absolute must when protecting yourself and your network. But it’s important be aware that even the strongest of passwords provides only one layer of security—a layer that, historically, advanced hackers have been able to penetrate again and again. Using only passwords for authentication (single-factor authentication) can involve great risk, especially for businesses and organizations. After all, it only takes one employee’s compromised password to jeopardize your entire system.

For these reasons, I recommend that all of business clients (and anyone very concerned about sensitive data, etc.) consider multi-factor authentication software.

What is multi-factor authentication? Multi-factor authentication (MFA) requires users to present two or more of the three common authentication “factors” in order to gain access to a system: something you know (like a password), something you have (like a token or mobile device), and something you are (like a fingerprint or iris scan).

MFA is growing in popularity and will likely be commonplace in the near future. Cost-effective soft tokens and convenient mobile applications have made MFA systems much more accessible to everyday users and businesses of all sizes.

Consistently using password security best practices ensures that you’re strengthening your passwords to protect yourself and your business from a potentially disastrous security breach or phishing attack. But, only switching to a multi-factor authentication system will truly make your system impenetrable to outside attackers.

Learn more about multi-factor authentication in our free download, “12 Questions You Need to Ask Your Multi-Factor Authentication Vendor.”

More Tech articles from Business 2 Community:


Editor’s note:Yahoo Philippines encourages responsible comments that add dimension to the discussion. No bashing or hate speech, please. You can express your opinion without slamming others or making derogatory remarks.

  • China says U.S. actions in S.China Sea "irresponsible, dangerous"
    China says U.S. actions in S.China Sea "irresponsible, dangerous"

    By Sui-Lee Wee BEIJING (Reuters) - China said on Friday it was "strongly dissatisfied" after a U.S. military plane flew over part of the South China Sea near where China is building artificial islands, and called on the United States to stop such action or risk causing an accident. The Chinese navy issued eight warnings to the U.S. P8-A Poseidon, the U.S. military's most advanced surveillance aircraft, when it conducted the overflights on Wednesday, according to CNN, which had a team on board …

  • 2015 Hyundai Lateral Drift goes to Philippine Arena
    2015 Hyundai Lateral Drift goes to Philippine Arena

    The smell of burnt rubber and screeching tires are some of the highlights that will be seen at the most adrenaline-pumped drifting event of the year—the 2015 Hyundai Lateral Drift Championship series.   Held at the Philippine Arena in Bocaue, Bulacan, the event will be the biggest venue in the drifting competition. This is the […] The post 2015 Hyundai Lateral Drift goes to Philippine Arena appeared first on Carmudi Philippines. …

  • The Richest Senators In The Philippines
    The Richest Senators In The Philippines

    The 2014 Statement of Assets, Liabilities, and Net Worth for politicians and public servants are now available for anyone to … The post The Richest Senators In The Philippines appeared first on …

  • PHILIPPINES PRESS-AirAsia Philippines seeks $500 mln valuation for IPO - Inquirer

    The Philippine unit of Malaysian budget carrier AirAsia Berhad is seeking a valuation of at least $500 million for its initial public offering set within the next two years, the Philippine Daily Inquirer ... …

  • Consultant, facing joblessness, claims P5.9-M lotto pot
    Consultant, facing joblessness, claims P5.9-M lotto pot

    A 39-year-old information technology consultant, whose job contract will expire this month, has claimed his share of the 6/45 Mega Lotto’s P17.8-million jackpot in its May 13 draw, the Philippine Charity Sweepstakes Office (PCSO) announced yesterday. “I could not sleep for the past several days, thinking about where I could get the money to pay my children’s tuition,” the winner told PCSO general manager Jose Ferdinand Rojas II when he received a check for P5.9 million at the PCSO’s central …

  • Cager’s daughter: I will never drive again
    Cager’s daughter: I will never drive again

    Kim Asaytono vowed never to get behind the wheel again after she hit 14 people on Tuesday night and killed one of them. Even if she gets out of jail one day, the 22-year-old daughter of former Philippine Basketball Association player Nelson Asaytono said she no longer wants to drive. Maybe, I will still ride a car but I will never drive again,” she told The STAR in an interview in her jail cell at the Manila Police District headquarters. …

  • Disaster center to rise in Clark
    Disaster center to rise in Clark

    The private sector is set to build a disaster operations center near Clark international airport in Pampanga to strengthen the country’s preparedness against natural calamities. In his closing remarks during a two-day Earthquake Resilience Conference, businessman Manuel V. Pangilinan said yesterday the Philippine Disaster Recovery Foundation (PDRF) would build the center that would serve as base for immediate response to a disaster. Pangilinan, co-chair of the PDRF, said the disaster …

  • China shoos away US plane in disputed sea
    China shoos away US plane in disputed sea

    The Chinese navy warned a US surveillance plane flying over artificial islands that Beijing is creating in the disputed South China Sea to leave the area eight times, according to CNN, which was on board the flight on Wednesday. The P8-A Poseidon, the US military’s most advanced surveillance aircraft, flew at 4,500 meters at its lowest point, CNN said. The incident, along with recent Chinese warnings to Philippine military aircraft to leave areas around the Spratly archipelago in the South …


Should Aquino be held accountable over the Mamasapano operations?

Poll Choice Options