{"id":6930,"date":"2021-05-05T12:20:55","date_gmt":"2021-05-05T20:20:55","guid":{"rendered":"https:\/\/cheapsslsecurity.com\/blog\/?p=6930"},"modified":"2021-05-05T12:20:56","modified_gmt":"2021-05-05T20:20:56","slug":"password-security-tips-you-should-know","status":"publish","type":"post","link":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/","title":{"rendered":"10 Password Security Tips You Should Know"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Having strong password security isn\u2019t a preference \u2014 it\u2019s a critical requirement for account security. Here are 10 password security tips that can help you keep your organization\u2019s accounts safe on World Password Day 2021 and throughout the rest of the year<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Passwords security boils down to protecting access to your virtual kingdom. Employees use these types of memorized secrets to secure everything from their personal bank accounts to their work accounts that allow them to access your organization\u2019s sensitive systems and data. However, the passwords users create often are neither strong nor secure. <a href=\"https:\/\/enterprise.verizon.com\/resources\/reports\/dbir\/\">Verizon\u2019s 2020 Data Breach Investigation Report<\/a> (DBIR) shares that lost\/stolen credentials and brute force attacks are involved in 80% of the hacking-related breaches that occurred in 2019. This is where having some useful password security tips can come in handy.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Do you know whether your employees are using strong passwords? Are they adhering to password security best practices? And is your IT team implementing best practices for strong password storage and security? In this article, we\u2019ll cover what experts identify as characteristics of a strong password. We\u2019ll also go over a list of 10 password security tips you can implement right away to help better secure your organization.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Breaking Down Password Security Basics: What\u2019s a Strong Password?<\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignright size-large is-resized\"><img decoding=\"async\" src=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2016\/07\/strong-password.jpg\" alt=\"strong password security\" class=\"wp-image-2275\" width=\"414\" height=\"276\" srcset=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2016\/07\/strong-password.jpg 500w, https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2016\/07\/strong-password-300x200.jpg 300w\" sizes=\"(max-width: 414px) 100vw, 414px\" \/><figcaption>A password security graphic that&#8217;s a screen of a password being entered into a login form.<\/figcaption><\/figure><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">What one person considers a strong password is often very different from what actually qualifies as such. And, frankly, password recommendations have changed over time. For example, the <a href=\"https:\/\/www.fbi.gov\/contact-us\/field-offices\/phoenix\/news\/press-releases\/fbi-tech-tuesday-strong-passphrases-and-account-protection\">FBI says<\/a> that it\u2019s better to use a strong and long <em>passphrase<\/em> instead of a traditional password. They describe a passphrase as a combination of words that\u2019s greater than 15 characters in length.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But why is having a longer password (or, moreover, passphrase) better in terms of account security? The <a href=\"https:\/\/pages.nist.gov\/800-63-3\/sp800-63b.html\">National Institute of Standards and Technology (NIST)<\/a> describes password length as defining factor of password strength and security in their Digital Identity Guidelines (SP-800-63B). \u201cPasswords that are too short yield to brute force attacks as well as to dictionary attacks using words and commonly chosen passwords.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">However, there are a few key traits or qualities that help you form a strong password (or, more accurately, passphrase):<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Uniqueness.<\/strong> Every account should use a unique password. This means users should never reuse or recycle passwords on accounts or, worse, across multiple accounts. This approach of having a unique password for every account helps to prevent a compromised password from being used in password cracking methods like rainbow tables and brute force attacks.<\/li><li><strong>Length. <\/strong>We\u2019ve already touched on this guidance from both NIST and the FBI. With this in mind, passwords\/passphrases should be at least 15 characters in length (going by the FBI\u2019s recommendation). However, it\u2019s best to encourage your employees to use longer passwords.<\/li><li><strong>Difficulty.<\/strong> A password should be something that\u2019s hard for someone else to try to guess but easy for you to remember. Even if it uses some common words, a cybercriminal still has to get them in the right order, and with the proper capitalizations, to use them in dictionary attacks.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">But using strong passwords isn\u2019t just a good password security best practice \u2014 it\u2019s also critical to your organization\u2019s compliance. Regulations like the <a href=\"https:\/\/www.pcisecuritystandards.org\/documents\/PCI_DSS_v3-2-1.pdf\">Payment Card Industry Data Security Standard (PCI DSS)<\/a>, European Union\u2019s <a href=\"https:\/\/gdpr-info.eu\/\">General Data Protection Regulation (GDPR)<\/a>, and the <a href=\"https:\/\/www.hhs.gov\/hipaa\/for-professionals\/security\/laws-regulations\/index.html\">Health Insurance Portability and Accountability Act (HIPAA)<\/a> require strong authentication or technical measures for access to help keep sensitive systems and data secure and protect user privacy.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">10 Password Security Tips to Implement Within Your Organization<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Unfortunately, poor password security practices are common. There are many factors that play into poor password security. It\u2019s not just about employees creating and using weak passwords. Some password security issues result from a lack of employee training, poor password policies, and even poor IT security and password storage practices.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With this in mind, here are 10 password security tips that can help steer you in the right direction.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Require Employees to Use Strong Passphrases Instead of Passwords &nbsp;<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">A traditional password contains uppercase and lowercase letters, numbers, special characters, and at least eight characters in length. By opting to use passphrases instead, you\u2019re making longer and strong passwords that are easier to remember. This can be part of a password policy that you have in place and enforce regularly.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Educate Your Employees On Password Security<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Don\u2019t leave your employees to flounder \u2014 provide them with specific guidance and examples of strong passwords. For example, if you tell them to add special characters or numbers to their passwords, know that they\u2019re likely just going to switch letters for common replacements, like \u201c3\u201d for \u201cE,\u201d \u201c@\u201d for \u201ca,\u201d or adding \u201c!\u201d to the beginning or end of their passwords. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">All of this information should be part of their <a href=\"https:\/\/cheapsslsecurity.com\/blog\/security-awareness-training-a-5-step-process-to-success\/\">cyber awareness training<\/a> and should be included in your organization\u2019s password policy. As a note, this type of training should also cover other areas of password security, such as credential phishing methods, and provide other useful password security tips. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Only Store Salted Password Hashes<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">A critical requirement of strong organizational password security is only to store password hash values. The NIST standard we mentioned earlier says that you should never store the passwords themselves and that you must use secure storage methods that are resistant to offline attacks. Hashing and salting (more on the latter in a moment) your passwords is one way to do this.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A <strong>hash<\/strong> is a one-way mathematical function (i.e., a <a href=\"https:\/\/cheapsslsecurity.com\/blog\/hashing-vs-encryption\/\">hashing algorithm<\/a>). So, when you hash a password, you\u2019re generating a unique cryptographic hash value that\u2019s too impractical and resource-intensive for anyone to reverse map. The downside of hashing passwords on their own is that if you hash the passwords of two users who use the exact same password (input), it\u2019ll generate the same password hash value (output).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Let\u2019s consider an example to explain this a little more clearly. Say two of your employees, users 1 and 2, are using the same password \u201cB0ringP@ssword.\u201d When you hash the password (in this example, we\u2019ll use the MD5 hash), both user 1 and user 2 will have the same hash digest \u201c46ab95fa1d5e5894ff780359d23a1067.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This is an issue because cybercriminals can use that information to map or match password hashes to those they keep on file from data breaches. To prevent this from happening and to make those password hashes more complex and secure, you\u2019ll want to add a unique salt to each password first. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A <strong><a href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Password_Storage_Cheat_Sheet.html#salting\">salt<\/a> <\/strong>is a unique, random number. By salting the password before hashing it, you\u2019re making it so that the password hash values that generate are unique \u2014 even if two employees use the exact same password.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Now, let\u2019s see what happens when we apply unique salt values to the same B0ringP@ssword example. If we add &#8220;Salt1&#8221; to user 1\u2019s password and &#8220;Salt2&#8221; to user 2\u2019s password before hashing them, you\u2019ll get two entirely different (unique) hash values:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>User 1\u2019s input of &#8220;B0ringP@sswordSalt1&#8221; becomes the password hash value <strong>94d1d9a4d4ab0553a6ebae030076309d<\/strong>.<\/li><li>User 2\u2019s input of &#8220;B0ringP@sswordSalt2&#8221; becomes the password hash value <strong>461fa688da15c267951979eeeeb2acbf<\/strong>.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">So, as you can see in the example above, even though both users use the same password, their hash values are unique because of the addition of a salt value in each case.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Don\u2019t Require Periodic Password Changes<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Although it\u2019s contradictory to traditional password security tips, NIST recommends that you stop requiring employees to change their passwords in SP-800-63B. Why? Because users are more likely to use weak passwords or reuse passwords across multiple accounts for the sake of convenience if you require them to do so frequently. Or, they may just add \u201c123\u201d or something similar to the end of their existing passwords. Again, this practice may be convenient but it doesn\u2019t make for more secure passwords.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5. Allow Users to Copy and Paste Passwords Into Login Forms<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">NIST recommends allowing the copy-paste functionality for password fields because it encourages the use of password management tools and apps. Users can use password managers to generate and store complex passwords. Considering that NordPass reports the average user has <a href=\"https:\/\/nordpass.com\/blog\/overcoming-password-stress\/\">upwards of 80 passwords<\/a>, it\u2019s no surprise that password managers are becoming increasingly popular with certain age groups.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.hypr.com\/wp-content\/uploads\/The_State_Of_Passwordless_Authentication_2021_Report.pdf\">HYPR\u2019s The State of Passwordless Authentication 2021 report<\/a> shares that 39% of Millennials and 24% of Generation Z adults use password management apps. That\u2019s because password managers offer convenience for individuals who want to use more complex passwords but don\u2019t want to have to remember all of them individually.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">6. Disable Password Hints<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Although password hints may seem like a great idea, they actually pose a significant risk to account and password security. As such, NIST guidelines specifically state that you shouldn\u2019t allow users to store hints that are viewable to unauthenticated users. Furthermore, they also speak out against using specific types of personal information for password security verifiers, such as \u201cwhat is your mother\u2019s maiden name?\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">7. Develop a Password Blacklist to Compare User-Generated Passwords\/Passphrases Against<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Integrate various lists into your password security system to force users to create more secure passwords. For example, you can create \u201cblacklists\u201d of passwords or passphrases that employees can\u2019t use. You can develop these lists using:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Lists of the <a href=\"https:\/\/www.oxfordlearnersdictionaries.com\/us\/wordlist\/\">common words<\/a> that you can find in the dictionary (and <a href=\"https:\/\/www.lexico.com\/explore\/word-lists\">other interesting words<\/a>),<\/li><li><a href=\"https:\/\/nordpass.com\/most-common-passwords-list\/\">Lists of common passwords<\/a> (such as \u201cqwerty\u201d or \u201c1234567890\u201d), and<\/li><li>Repetitive or sequential characters or numbers (such as typing \u201c11111111\u201d or \u201cpoiuytr\u201d on your device\u2019s keyboard).<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">If a user tries to use one of these prohibited options, prevent the password creation process from moving forward until they enter a different password or passphrase.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">8. Make Breached Password Lists Another Password Security Bulwark<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Much like the previous item on our list, you can use lists of known breached passwords as another password creation security measure. That\u2019s because breached password lists are easy to find online and make great resources for your organization. If any of the passwords users try to create match the ones on your lists, your system will automatically require them to enter a different value. &nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">You can find massive <a href=\"https:\/\/haveibeenpwned.com\/Passwords\">breached password lists<\/a> on the website <a href=\"https:\/\/haveibeenpwned.com\/\">haveibeenpwned.com<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">9. Require Users to Use a VPN When Connecting to Your Secure Resources<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Most password security tips only focus on recommendations for creating strong passwords. But another important aspect of password security is ensuring that users are using secure connections when logging in to your internal sites, web apps, and other secure resources.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A virtual private network (VPN) is a great option for employees who are working remotely. That\u2019s because a VPN allows users to enter their login credentials to connect and transmit data securely over the internet using encrypted connections. Without encryption, any data you transmit \u2014 including your usernames and passwords \u2014 bounces around the internet in an unsecure (i.e., readable) format. This plaintext data is something that cybercriminals and other bad guys can easily intercept, steal, modify or use without your permission.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">10. Get Rid of User Passwords Altogether<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">The final password security tip we\u2019re going to share isn\u2019t about passwords but, rather, the absence of them within your organization. Passwordless authentication methods such as multi-factor authentication and <a href=\"https:\/\/cheapsslsecurity.com\/p\/what-is-ssl-client-certificate-authentication-and-how-does-it-work\/\">PKI certificate-based authentication<\/a> are great password security alternatives that are gaining traction. The HYPR report we mentioned earlier says their team was surprised to discover that the majority of their survey respondents already use passwordless technologies in their personal and professional lives.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">But why are passwordless authentication methods becoming so popular? Frankly, it\u2019s because you get the best of both worlds (and then some!). From a user perspective, it makes proving their digital identities and authenticating online a whole lot easier. From an organizational perspective, it\u2019s a way to save IT-related time, labor and resources. HYPR reports 90% of their survey respondents\u2019 organizations experienced phishing attacks in 2020 that \u201cincurred significant helpdesk costs from password resets.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">To summarize, passwordless authentication methods offer:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Greater security for your organization than traditional passwords,<\/li><li>A better experience for your users, and<\/li><li>Reduced IT costs and credential compromise risks for your organization.<\/li><\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Passwords aren\u2019t going anywhere anytime soon. They\u2019re still something that every organization is going to have to deal with for years to come. This is why we hope these password security tips come in handy for you and your IT security team.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Having strong password security isn\u2019t a preference \u2014 it\u2019s a critical requirement for account security. Here are 10 password security tips that can help you keep your organization\u2019s accounts safe on World Password Day 2021 and throughout the rest of the year Passwords security boils down to protecting access to your virtual kingdom. Employees use<\/p>\n","protected":false},"author":8,"featured_media":6933,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[417],"tags":[442,443],"class_list":["post-6930","post","type-post","status-publish","format-standard","has-post-thumbnail","category-cybersecurity","tag-password-security","tag-passwords"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>10 Password Security Tips You Should Know<\/title>\n<meta name=\"description\" content=\"Not sure how to boost your company&#039;s defenses? Having strong password security is a start: Here are 10 password security tips you can use now.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"10 Password Security Tips You Should Know\" \/>\n<meta property=\"og:description\" content=\"Not sure how to boost your company&#039;s defenses? Having strong password security is a start: Here are 10 password security tips you can use now.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/\" \/>\n<meta property=\"og:site_name\" content=\"Savvy Security\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cheapsslsecurities\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-05T20:20:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-05T20:20:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Savvy Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sslsecurity\" \/>\n<meta name=\"twitter:site\" content=\"@sslsecurity\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Savvy Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/\"},\"author\":{\"name\":\"Savvy Security\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\"},\"headline\":\"10 Password Security Tips You Should Know\",\"datePublished\":\"2021-05-05T20:20:55+00:00\",\"dateModified\":\"2021-05-05T20:20:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/\"},\"wordCount\":2095,\"image\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/password-security-tips-feature.jpg\",\"keywords\":[\"Password Security\",\"Passwords\"],\"articleSection\":[\"SMB Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/\",\"name\":\"10 Password Security Tips You Should Know\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/password-security-tips-feature.jpg\",\"datePublished\":\"2021-05-05T20:20:55+00:00\",\"dateModified\":\"2021-05-05T20:20:56+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\"},\"description\":\"Not sure how to boost your company's defenses? Having strong password security is a start: Here are 10 password security tips you can use now.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/password-security-tips-feature.jpg\",\"contentUrl\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/05\\\/password-security-tips-feature.jpg\",\"width\":1600,\"height\":1000,\"caption\":\"password security tips feature image of a login screen\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/password-security-tips-you-should-know\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"10 Password Security Tips You Should Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/\",\"name\":\"Savvy Security\",\"description\":\"Practical cybersecurity advice\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ce9a5743b7f25b5be6e4972864b4493\",\"name\":\"Savvy Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g\",\"caption\":\"Savvy Security\"},\"description\":\"Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24\\\/7 security teams.\",\"sameAs\":[\"blogadmin\"],\"url\":\"https:\\\/\\\/cheapsslsecurity.com\\\/blog\\\/author\\\/blogadmin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"10 Password Security Tips You Should Know","description":"Not sure how to boost your company's defenses? Having strong password security is a start: Here are 10 password security tips you can use now.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/","og_locale":"en_US","og_type":"article","og_title":"10 Password Security Tips You Should Know","og_description":"Not sure how to boost your company's defenses? Having strong password security is a start: Here are 10 password security tips you can use now.","og_url":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/","og_site_name":"Savvy Security","article_publisher":"https:\/\/www.facebook.com\/cheapsslsecurities","article_published_time":"2021-05-05T20:20:55+00:00","article_modified_time":"2021-05-05T20:20:56+00:00","og_image":[{"width":1600,"height":1000,"url":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg","type":"image\/jpeg"}],"author":"Savvy Security","twitter_card":"summary_large_image","twitter_creator":"@sslsecurity","twitter_site":"@sslsecurity","twitter_misc":{"Written by":"Savvy Security","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#article","isPartOf":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/"},"author":{"name":"Savvy Security","@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493"},"headline":"10 Password Security Tips You Should Know","datePublished":"2021-05-05T20:20:55+00:00","dateModified":"2021-05-05T20:20:56+00:00","mainEntityOfPage":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/"},"wordCount":2095,"image":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#primaryimage"},"thumbnailUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg","keywords":["Password Security","Passwords"],"articleSection":["SMB Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/","url":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/","name":"10 Password Security Tips You Should Know","isPartOf":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#primaryimage"},"image":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#primaryimage"},"thumbnailUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg","datePublished":"2021-05-05T20:20:55+00:00","dateModified":"2021-05-05T20:20:56+00:00","author":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493"},"description":"Not sure how to boost your company's defenses? Having strong password security is a start: Here are 10 password security tips you can use now.","breadcrumb":{"@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#primaryimage","url":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg","contentUrl":"https:\/\/cheapsslsecurity.com\/blog\/wp-content\/uploads\/2021\/05\/password-security-tips-feature.jpg","width":1600,"height":1000,"caption":"password security tips feature image of a login screen"},{"@type":"BreadcrumbList","@id":"https:\/\/cheapsslsecurity.com\/blog\/password-security-tips-you-should-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cheapsslsecurity.com\/blog\/"},{"@type":"ListItem","position":2,"name":"10 Password Security Tips You Should Know"}]},{"@type":"WebSite","@id":"https:\/\/cheapsslsecurity.com\/blog\/#website","url":"https:\/\/cheapsslsecurity.com\/blog\/","name":"Savvy Security","description":"Practical cybersecurity advice","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cheapsslsecurity.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/cheapsslsecurity.com\/blog\/#\/schema\/person\/1ce9a5743b7f25b5be6e4972864b4493","name":"Savvy Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4e5539150b16b5af1d22136f03dedda89a96babb3e9b5ceb18c2bde4e1dcba57?s=96&d=mm&r=g","caption":"Savvy Security"},"description":"Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24\/7 security teams.","sameAs":["blogadmin"],"url":"https:\/\/cheapsslsecurity.com\/blog\/author\/blogadmin\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts\/6930","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/comments?post=6930"}],"version-history":[{"count":0,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/posts\/6930\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/media\/6933"}],"wp:attachment":[{"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/media?parent=6930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/categories?post=6930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cheapsslsecurity.com\/blog\/wp-json\/wp\/v2\/tags?post=6930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}