We are way beyond “Password1” when it comes to choosing the credentials that contain our private and sensitive data.  At KHC, we lock all our devices automatically and require passwords or passphrases to unlock them.  These passcodes are required to be changed every 90 days at a minimum.  Below are some other tips we use and recommend.

*Use sophisticated passwords/phrases. Make these hard to guess and at least 15 characters long, using a combination of upper and lower-case letters, numbers, and symbols.  Try to use phrases that are long enough to be secure but also easy to remember, such as “IGottMarriedin2011*.”  Notice that “got” is spelled wrong.  Don’t write passwords down and certainly don’t store them near your computer or mobile device.  Remember: Password1 is not a password.

*Do not store passwords by clicking the “remember me” box.

*Delete the manufacturer’s default password on all your software.

*Use encrypted password management software. We recommend LastPass, Dashlane, or Roboform.  These have good reputations and user-friendly interfaces.

*Require multi-factor authentication when possible. Also known as Two Factor Authentication (2FA) is a great way to deter cyber criminals from accessing your accounts.  It is an extra layer of security that requires not only a username and password but another fact that only the user would know – such as a security token or code sent to the user’s cell phone to ensure it’s really you.  KHC uses multi-factor authentication for most of our software now.

*Only share passwords on a must-know basis. At KHC, we only share passwords only if they are essential to the function of the individual employee.

*Password-protect sensitive files and devices.

*Always lock your computer and mobile devices.

*Stay alert and report any suspicious activity to the local authorities.

If you have any questions or would like to discuss these topics further, please call us (913) 345-1881.