Updated Tech Tip: What’s a Strong Password in 2023?

Computing power is faster than ever and AI is widely available, even for criminals. This makes previously complex passwords easier to break. Here’s how to keep your passwords secure in 2023.

Use a password manager

It’s impossible for most people to remember a unique password for every website, app, and service they use. Adding password complexity, length, and age requirements to the mix makes security seem unattainable. Password managers permit people to generate and retain passwords easily. They even work on mobile devices, so you can look up, generate, and save passwords when you’re using your smartphone away from your computer.

Enable multifactor authentication (MFA or 2FA) wherever possible

Many services now encourage the use of MFA and for good reason. If an account is protected by MFA, it’s much harder for a criminal to access it, even if they know your password. Stolen or guessed credentials are used in many attacks these days, so MFA helps limit criminals’ success.

Use MDR monitored by a 27×7 Security Operations Center (SOC)

Sometimes criminals are highly motivated or they just get lucky. Sometimes vendors experience unintentional breaches of their entire list of credentials. Nothing is a perfect defense, and sometimes bad things happen. When an intruder gains access to your stuff, often they begin by doing two things: looking around to inventory what they can access and spreading around to see what else they can see by giving themselves more footholds. MDR and SOC services like SNAP-Defense look for this type of behavior so suspicious traffic can be halted and evaluated in real-time by humans who work 24 hours a day, seven days a week, analyzing traffic patterns and looking for irregularities.

Never reuse passwords across multiple sites or services

Signing into an app for food delivery, travel deals, or local transportation? Lists of usernames and passwords are published for sale continuously. Some criminal enterprises make a healthy living by doing nothing but discovering and selling these types of credential lists. Often the lists are from apps that people (and criminals) don’t care much about. Criminals win when people use the same passwords on these apps that they use for remote access at work, online banking, retirement accounts, and online shopping accounts. It’s critical to always use unique passwords, even for “junk” accounts.