A short and simple password is not unlike leaving a spare key under your doormat. You may think by not being the biggest business on the street that you're safe from theft, but you've created a scenario that makes your practice the low-hanging fruit for potential criminals.
As a dental practice, the information guarded behind your passwords is valuable to hackers and a much easier target than larger companies with full security teams. A weak password not only puts your practice at risk but your patients who put their trust in you. Here are a few behaviors to adopt to craft a secure password.
Your password should be hard to guess.
Is the practice's address part of your email password? Does the password for your accounting software reference a staff member's dog? Or are you using a string of numbers that would work better as the combination for your luggage (learning nothing from the 1987 cinematic masterpiece Spaceballs)?
These are examples of passwords that are easy for someone to guess using basic information sourced from social media or your website. And if you're using common words or names paired with a string of numbers, it won't be difficult to crack.
Try to avoid using common words or names in your passwords. Skip passwords that an acquaintance or anyone with internet access would be able to guess.
Like a good carb, a password should be complex.
For years, the typical internet user would employ the standard password combination of: "name of dog/cat/fish" + "year of birth/graduation." While this pairing was acceptable in the dark ages of dial-up modems and the AOL free-trial CD, it provides little-to-no defense against today's cybercriminal.
Understand that with enough time, any password is crackable – the most basic passwords only taking hours or a few days to crack. However, with each bit of complexity that you add to your password, you are possibly adding months or years to the time it takes to crack. The more time it takes to crack your password, the less likely a hacker will invest their time trying to crack it.
How to make your password stronger.
When you create or update a password today, most online services will provide suggestions on how to make a strong password. Some will go to the point of requiring a strong password to use their service. If a service doesn't require a strong password, it's important to remember a few essential methods of adding complexity to your password.
Try to build a password that's at least 12 to 14 characters (letters, numbers, etc.) in length. While there's no standard on the minimum length of a password, most services will require a length within this range. Making your password even longer can provide additional bits of complexity to your password.
While the length of your password is essential, you should strive to add complexity to the characters you are using. Along with letters and numbers, try to use any symbols that your account will accept like: !@#$%^&*()?. Also alternate between lower-case and capital letters, preferably in a way that isn't obvious (ex. capitalizing the first letter of a password).
On the topic of obvious passwords, try to use more than common substitutions when building your password. Using the number 0s for the letter o, 1 for i, or 5 for s are all common substitutions that can be easily swapped in when trying to guess or crack your password.
How to remember your password.
As passwords are increasing in length and complexity, they are becoming significantly more challenging to remember. We've mentioned that storing all your passwords in a notebook at your desk isn't as secure as you might think. Storing your passwords in a browser-based solution like Google Chrome, Internet Explorer, or Firefox puts your information at risk if your computer is ever stolen.
Using an encrypted password manager like 1Password or LastPass is a secure and easy way to store all your passwords in one place. However, if you aren't willing to use a password service, here are a few tips for creating a password that you'll never have to write down or store.
A passphrase is an excellent way for you to create a strong password that you will remember. With a passphrase, you're building a simple sentence that's memorable for you, while substituting numbers and symbols for the letters in the sentence.
For example, if you're particularly happy with the amount of money you save on dental claims with Renaissance, your password might be: "iSav3TonsOf$$$wRemot3Lit3!". If you still haven't recovered from Avengers Endgame, your password might be "iLov3U3000xIronM4n!". The goal is to create a phrase that you can easily remember and then work out the substitutions you added.