Protect Your Data with Good Password Hygiene

As an oral healthcare professional, you have undoubtedly invested in the security of your practice. From choosing robust practice management software with strict safety protocols to safeguarding your network—or even your physical location—there are a number of things you can do to ensure that your patient and practice data are secure.

One important component of cyber security that is often overlooked is exercising good password hygiene. Read on to learn how to choose a strong password, how often you should change it and other tips to keep your accounts safe.

How to Choose a Strong Password

Intuitively, we all know how important it is to choose a password that is difficult to guess. However, not everyone puts this knowledge into practice. NordPass recently published a list of the most common passwords in 2020, including how much time they took to crack and the number of times they were exposed.

Here are the top 10:

| Password | Number of Users | Time to Crack It | Number of Times Exposed |
|---|---|---|---|
| 123456 | 2,543,285 | Less than a second | 23,597,311 |
| 123456789 | 961,435 | Less than a second | 7,780,694 |
| picture1 | 371,612 | 3 hours | 11,190 |
| password | 360,467 | Less than a second | 3,795,315 |
| 12345678 | 322,187 | Less than a second | 2,944,615 |
| 111111 | 230,507 | Less than a second | 3,124,368 |
| 123123 | 189,327 | Less than a second | 2,238,694 |
| 12345 | 188,268 | Less than a second | 2,389,787 |
| 1234567890 | 171,724 | Less than a second | 2,264,884 |
| senha | 167,728 | 10 seconds | 8,213 |

One way that cybercriminals may attempt to enter your accounts is through a brute force attack, in which they try different variations of words and symbols until they guess your password. However, you can reduce your risk by following these guidelines:

Avoid obvious passwords
Anything in the list above could be considered an obvious password, because it can easily be guessed through brute force attacks.

Choose a long password
Passwords should be at least 12 characters in length. However, the longer the better, as each additional character reduces the risk of your password being cracked (as long as you are avoiding obvious passwords or words in the dictionary).

Many cyber security experts recommend using a passphrase instead of a password and then making variations.

For example, if you’re a Dr. Seuss fan, you may be fond of the phrase, “Oh, the places you’ll go.”

To make this a strong password, simply switch it up to get: 0hThePl@cesYou11G0

Don’t use personal information
Your name, your address, your birthdate—all of this could be discovered by a savvy cybercriminal. Better to choose something personal to you that isn’t easily accessed on the Internet.

Make sure your passwords are different for each account
Remembering your passwords can be difficult, but it’s still important to use a different password for each of your accounts. In the event of a data breach, cybercriminals may try your password on your other accounts, so maintaining this distinction is beneficial.

Don’t reuse old passwords
In a similar vein, you should never reuse old passwords. Unfortunately, we have become all too accustomed to data breaches, so there may be a chance that your previous passwords are out there. Better to come up with a new password or passphrase to ensure you are protected.
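
The guidelines above can be checked mechanically before a password is accepted. The following Python check is an added example, not code from Carestream Dental or NordPass; the look-alike substitution map, the function names and the personal_info and known_passwords inputs are assumptions made for illustration, and the sample values are constructed.

```python
import re

# The ten most common passwords of 2020 from the table above.
COMMON_PASSWORDS = {
    "123456", "123456789", "picture1", "password", "12345678",
    "111111", "123123", "12345", "1234567890", "senha",
}
MIN_LENGTH = 12  # minimum length recommended above

# Assumption: a small map of look-alike substitutions, used to catch
# disguised forms of obvious passwords such as "P@ssw0rd".
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                            "5": "s", "7": "t", "@": "a", "$": "s"})


def squash(text):
    """Lower-case, undo look-alike substitutions, drop punctuation and spaces."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LOOKALIKES))


SQUASHED_COMMON = {squash(p) for p in COMMON_PASSWORDS}


def check_password(candidate, personal_info=(), known_passwords=()):
    """Return the guidelines a candidate breaks; an empty list means it passes.

    personal_info: words and dates tied to the user (name, birthdate, street).
    known_passwords: passwords the user has on other accounts or used before.
    Both parameters are hypothetical inputs for this example.
    """
    problems = []
    flat = squash(candidate)
    if flat in SQUASHED_COMMON:
        problems.append("obvious password")
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    # Ignore very short fragments to avoid matching by accident.
    if any(len(squash(i)) >= 3 and squash(i) in flat for i in personal_info):
        problems.append("contains personal information")
    if candidate in known_passwords:
        problems.append("already used on another account or in the past")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("P@ssw0rd", "0hThePl@cesYou11G0", "Tooth19850314Fairy"):
        print(pw, check_password(pw, personal_info=["Jane", "1985-03-14"]))
```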

Learn more about industry security standards, such as GDPR, ISO 27001/27002, PCI DSS, NIST 800-53, here.

How often should I change my password?

There are no set rules regarding how often to change your password; in fact, some experts advise against forcing password resets every 30, 60 or 90 days, arguing that this makes it more likely the user will pick something easy to remember (and potentially easier for others to guess).

However, you should change your password when:

You learn that your data has been breached
If a service provider notifies you that your data has been compromised, or you get an email saying an account has been accessed from an unfamiliar location, it's time to change your password immediately.

You have a virus on your local network
Some viruses use a “keyboard logger,” which sends hackers information on what you’ve typed on your keyboard—and could include your account details. In this case, it’s best to make a password change on a secure network.

It’s been one year since your last password change
An annual password change is not so frequent as to make you pick an easy password, but it will give you peace of mind that your accounts are secure.

Sharing Passwords

One of the most important ways to protect your password is to avoid sharing it with others. However, a 2017 study, "Prevalence of Sharing Access Credentials in Electronic Medical Records," found that 74% of medical staff who responded had obtained the password from another staff member. Half of the participants used a password that was not their own approximately four times.

To ensure that your practice is protected, make sure all team members have their own login credentials for Windows and practice management software accounts.

Carestream Dental is dedicated to helping practices protect their information. To learn more about Carestream Dental’s practice management solutions, contact our team today!

 


Contributors
The Digital Stream Carestream Dental Blog Administrator