Anybody got a password Th@tL00k$Lik3This? You may not know it, but it's largely because a man named Bill Burr wrote a report in 2003 as a guide for federal agencies that recommended many of the password-creating techniques that many of us now use.
It boils down to simple mistakes: when people are required to change passwords every 90 days, they only make simple changes that are easy for hackers to guess. Anyone change their passwords from 'p@$$word1' to 'p@$$word2'? Hackers know that. Also, computer simulations have shown that passwords that are longer and full of regular characters are much more difficult for hackers to guess than passwords full of numbers and extra characters. So, 'thewhitepolarbearswimming' is tougher than 'p0l@rbear!87'.
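An added example (not part of the original post) that puts numbers on the two points above: how large a blind brute-force search is for each of the two sample passwords, and how easily a 'p@$$word1' to 'p@$$word2' style change can be recognized. The function names and the simple brute-force model are assumptions made for illustration.

```python
import math
import re
import string

# Character classes used to size the brute-force alphabet (printable ASCII).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def brute_force_bits(password: str) -> float:
    """Upper bound on guessing cost: length * log2(alphabet size).

    Assumption: this models blind brute force only. Guessing driven by
    word lists or substitution rules ('a' -> '@') succeeds much sooner,
    so treat the result as a ceiling, not a strength guarantee.
    """
    alphabet = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def _stem(password: str) -> str:
    # Drop a trailing run of digits and common suffix symbols, ignore case.
    return re.sub(r"[\d!?.*#]+$", "", password).lower()


def is_trivial_rotation(old: str, new: str) -> bool:
    """True when old and new differ only in their trailing digits/symbols,
    which is the typical result of a forced 90-day change."""
    return _stem(old) != "" and _stem(old) == _stem(new)


if __name__ == "__main__":
    # Sample passwords are the ones quoted in the post.
    for pw in ("thewhitepolarbearswimming", "p0l@rbear!87"):
        print(f"{pw!r}: {len(pw)} chars, ~{brute_force_bits(pw):.1f} bits")
    print("trivial rotation:", is_trivial_rotation("p@$$word1", "p@$$word2"))
```

A check like `is_trivial_rotation` belongs at password-change time, when the old password is supplied by the user, so no plaintext history needs to be stored.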
Our advice for small business owners is to start setting passwords you can remember that are longer rather than strange. If you have too many passwords to keep track of, look into solid password management software. We can tell you that in the IT Support business, it is an absolute lifesaver for us. And don't bother changing those passwords every 90 days; just change them if you think your password has been compromised. (If you want to see if your passwords have been compromised, give us a call! We have an exciting new service that will allow us to search the dark web for your credentials, so that we can let you know which of your passwords are known to hackers. Even if YOU don't know about it.)
To read more from the fascinating article where we found this information, click here: The Wall Street Journal.