At Way We Do, we are serious about security. We know that the information you provide to your team through Way We Do is unique to your company, and we understand how this intellectual property makes your business more valuable. It is vitally important that this information is protected. One of the best and easiest ways to protect your information is through stringent password security.
To help keep your information secure, Way We Do has upgraded our password requirements. Password requirements for new users now include:
- Passwords must be a minimum of 10 characters (max 50)
- The system will refuse the most common (top 100000) passwords
- The system will refuse low entropy – minimum of 6 unique characters.
- The system will automatically blacklist the following as passwords: the website url, the subdomain url, the subdomain, their email address, first name, last name, full name
To some people this may seem strict. However, it is easy to create a simple to remember password by using a phrase like ‘The Big Yellow Taxi’. You can then increase the security by replacing several letters in your phrase with numbers or symbols. (i.e. Th3B1gYell0wTaxi^)
Since these new requirements will only apply when choosing a new password, we are encouraging all current users to follow our lead and upgrade their password security.
Why is password security so important?
According to Stopthehacker.com “It takes only 10 minutes to crack a lowercase password that is six characters long. Add two extra letters and a few uppercase letters and that number jumps to 3 years. Add just one more character and some numbers and symbols and it will take 44,530 years to crack.”
Once your password is hacked, any information in your account will be available to the hacker and their entire network. This means strangers can see your sensitive company information.
People who use the same password for multiple accounts are at an even greater risk because once one account is compromised, hackers often look for related accounts and access those too.
How secure is your password?
Using common passwords such as 12345 or password will allow a hacker to gain access to your information in under a second.
Most people publish a lot of personal information online in profiles and social networks. Since this information is so readily available, using personally identifiable information such as names and birthdates makes it easier for a hacker to crack a password.
The How Long to Hack My Password tool from Random-ize allows you to test your password security. With this tool, you can see first hand how using numbers, symbols, and random character strings greatly improves your chances of keeping information secure.
Tips for improving your password security
- Use a password manager like LastPass to generate and store difficult passwords.
- Passwords should be changed every 90 days or less.
- Do not re-use passwords.
- Passwords should be strong with a minimum of 10 characters and contain: special characters, letters (upper and lower case) and numbers.
- Passwords should not contain your user name, any part of your full name, important dates, company names, or any other recognizable information.
- You should not share passwords over the phone, through email, or in any online documents (I.e. Way We Do, Google Drive, etc.)
Don’t reveal a password on questionnaires or security forms.
Want to Know More?
Security is our priority! Contact the Way We Do support team if you would like to know more about how Way We Do keeps your information secure.
