Your best option is to use a password manager, for more information on that, read our blog: https://cloud-cover.me/hollis-blog/10-cybersecurity-tips-business-to-implement
Include a mix of upper and lowercase letters, numbers, and special characters, such as $ ! & %, etc.
Use a passphrase instead of a password. An example could be ATreehas86GR8AppleZ!
Use different passwords for all accounts, especially personal and work accounts, those should always be different.
Use Multifactor Authentication (MFA) when possible. Factor one is something you know, such as your password,, Additional factors will be something you have, such as a text message sent to your phone or your fingerprint or face ID.
Don't use your personal information as part of your password, it's too easily found on the internet.
Don't store your passwords in Chrome or other internet browser password managers. While, this might seem more secure, these actually store your passwords in clear text, so if someone accesses your machine, or your google account, they will have access to all of your passwords.
Don't keep your passwords written down on a piece of paper or a notebook near your computer.
Don't use the same passwords for multiple accounts or use the same variation.
Do not email or text your passwords to anyone. You shouldn't be sharing them with anyone anyway.
If you think that this is all old news and everyone knows these best practices and none of your employees are putting your business at risk because of bad password practices, think again. According to Security Magazine, 3 in 4 people are at risk of being hacked due to poor password practices.
If you are concerned that you or your employees credentials could be at risk, we can run a dark web scan report for you. The report will show us if you or anyone using a company email has had their email or passwords involved in a breach. We can send you the report and it takes us about 10 minutes to run the report for you. To find out more about that, check out our page: cloud-cover.me/free-dark-web-scan-offer
Please share these best practices and Dos and Don'ts with your team. It could mean the difference between your organization's data security and a breach.
A strong password or passphrase should be long, unique, and hard to predict. Ideally it should be at least 15–16 characters long, or even better, a passphrase made of multiple unrelated words. It should avoid dictionary words, personal information (like birthdays or pet names), and common patterns. Using a mix of uppercase/lowercase letters, numbers, and special characters (or a sufficiently long passphrase) also helps.
No, reusing passwords across accounts is risky. If one account gets compromised, reused passwords can put all other accounts at risk. It’s far safer to use a unique password for each account, especially for important ones such as email, banking, business logins, etc.
Rather than forcing frequent arbitrary password changes (which can lead to weaker, reused passwords), it’s best to change or reset passwords when there’s evidence of a compromise, or when the account has been exposed. For routine usage, focus instead on having long, unique, strong passwords and combining them with MFA.