Earlier this week, the White House released a Cybersecurity National Action Plan, proposing to boost next year’s federal budget for computer protection by 35% to $19 billion. It’s reassuring to see the President of the United States encouraging Americans to prioritize cybersecurity and take basic steps to stay secure online, using available technology to protect their data.
Much of what the CNAP covers is standard advice that most of us know we should follow, but it’s a good reminder to take a look at what we’re really doing to stay secure online and improve our password practices, now.
Use a Password Manager
The “available technology” mentioned by the President most definitely includes password managers such as LastPass. Strong password management is a basic step and your first line of defense in securing your data. If you are smart about your password practices – having a unique, complex password for every site – then you are already employing some of these basic but important strategies. If you’re struggling to make every password unique, start by storing your passwords in a digital vault with LastPass, and then use the LastPass Security Challenge to systematically improve your passwords.
Two Factors Are Better Than One
Secondary security methods, such as two-factor authentication (2FA), are one of the most straightforward and secure forms of safety measures currently available. Two-factor authentication is easier than ever, with dozens of options available to both consumers and businesses. Turn on two-factor for your password manager (LastPass supports over a dozen vendors), and for all the other services you use that support it.
Oversight Is Critical
In addition, if you don’t already know what your employees or your government workers are doing with their passwords, then we’ll give you a hint: They’re reusing passwords extensively, putting you, the government and every business at risk. Your system is only as strong as your weakest password, and if you have no oversight or control of those passwords then you’re exposing yourself or your company to a serious risk of breach.
If you’re not measuring your employees’ performance in regards to passwords, you’re not managing one of the most important factors for your security. If you reuse passwords, whether at home or in the workplace, your risk multiplies with every account.
You Can Start Today
It will be interesting to see how this plays out in congress, but it’s important that we all recognize that we don’t have to – and shouldn’t – wait for the government or businesses to beef up security. We can all take basic steps – like using a password manager, turning on two-factor, and putting access management systems in place – to improve our security today.
Image credit: Kevin Lamarque/Reuters