• Password Complexity: A strong password should be complex, typically containing a mix of uppercase and lowercase letters, numbers, and special characters. Longer passwords are generally more secure. Avoid using easily guessable information, such as names, birthdays, or common words.

• Password Length: Longer passwords are generally more secure than shorter ones. Aim for a minimum of 12 characters, but longer is even better.

• Unique Passwords: Use a unique password for each online account or service. Reusing passwords across multiple accounts can be dangerous because if one account is compromised, all the others are also at risk.

• Password Managers: Consider using a reputable password manager to generate, store, and manage complex passwords for various accounts. This allows you to have unique passwords for each account without the need to remember all of them.

• Multi-Factor Authentication (MFA): Enable MFA whenever possible. MFA adds an extra layer of security by requiring a second or third form of verification, such as a code sent to your phone or generated by an app, in addition to your password.

• Regular Password Updates: Change your passwords regularly, especially for critical accounts. This practice helps mitigate the risk if a password has been compromised but not yet detected.

• Beware of Phishing: Be cautious of phishing attempts where attackers try to trick you into revealing your password by posing as legitimate entities. Always verify the website's URL and avoid clicking on suspicious links.

• Avoid Sharing Passwords: Never share your passwords with anyone, even with friends, family, or colleagues. Legitimate organizations will never ask for your password via email or phone.

• Secure Network: Be cautious when entering passwords on public or unsecured Wi-Fi networks. Use a virtual private network (VPN) for added security.

• Account Lockout Policies: Enforce account lockout policies that temporarily lock an account after a certain number of unsuccessful login attempts. 

• Monitor Account Activity: Regularly monitor your accounts for suspicious activity and enable email or text notifications for any login attempts.

Remember, password security is just one part of a comprehensive cybersecurity strategy. Combining strong passwords with other security measures like software updates, antivirus protection, and user education can significantly improve overall security.

Get in touch with our team of experts for more information on how Evolve can help protect your organisation!