Definition

Password hygiene refers to the accepted practices that individuals and organizations should follow in order to create and maintain more secure passwords.

In 2022 alone more than a handful of large-scale data breaches have occurred, costing organizations hundreds of millions of dollars in damages. As passwords are a key part in the accessibility and protection of sensitive information, following good password hygiene is incredibly important when dealing with banking accounts, data servers, tax documents, and much more.

What does a secure password look like?

There are many important aspects to a hygienic, secure password— one that cannot be easily guessed or brute forced:

• Length - Longer passwords are harder to bypass and are generally more secure. A good length is at least 10 characters.
• Complexity - Including special characters, combining upper and lower-case letters, and avoiding patterns like common words or phrases makes passwords much harder to guess. 
• Uniqueness - Avoid using the same password for multiple accounts. This can decrease the risk of, and damage dealt by, security breaches.
• Personal Information - Avoid using easily discoverable personal information, such as your name, birthday, address, or those of family members.
• Changing Regularly - changing passwords regularly ensures that if a password is stolen, it cannot be used for an extended period of time. This is especially important for critical accounts like email, banking, and social media.

There are also many actions that can be taken to ensure greater security when dealing with a large amount of accounts or passwords. This includes a password manager to securely create and store passwords, as well as a 2FA/MFA solution to better ensure authentication.

Lastly, it is a good idea to regularly perform audits on your passwords and login attempts, especially for critical accounts. In an organizational setting this may also mean removing access for any outdated or unnecessary accounts.