Cybersecurity Awareness Month Weekly Tip: Password Security

Each week during Cybersecurity Awareness Month, we’re going to be sharing in-depth weekly cybersecurity tips from our evangelists to help your users make smarter security decisions and build your cybersecurity fortress from anywhere!

As a 30-year computer security professional with over 10 books and over 1,000 national magazine articles, Data-Driven Defense Evangelist Roger Grimes is filled with endless amounts of cybersecurity knowledge to help your organization succeed. Roger is frequently asked how users can ensure their passwords are secure. He addresses that as well as effective password policies you can implement within your organization. 

Check out this helpful video from Roger as he goes over his top password security advice in further detail:


First of all, no matter what your password is (long, short, or complex), NEVER reuse the same password across websites or services! Reusing a password increases the risk that cybercriminals can hack into multiple accounts.

Try to use multi-factor authentication (MFA) when you can, but also know that using multi-factor authentication will not be 100% effective. Keep your passwords long and complex, and don’t store all of your passwords in your head. Invest in a password management system that can create really long passwords and do the work for you with one simple click. If possible, make sure your password is changed once every year and more frequently if you’re in a larger organization.

You can also register for Roger's live webinar October 15 @ 2:00 PM ET to find out what your password policy should be and learn about the common mistakes organizations make when creating password policy. 

Check back each week for more helpful tips from our evangelists, and follow @KnowBe4 on Facebook, Twitter, and LinkedIn throughout the month for all of your #NCSAM resources. Also check out your National Cybersecurity Awareness Month Resource Center for the latest resources to keep your users on their toes, no matter where they’re working from.

Are your users’ passwords…P@ssw0rd?

Employees are the weakest link in network security, using weak passwords and falling for phishing and social engineering attacks. KnowBe4’s complimentary Weak Password Test (WPT) checks your Active Directory for several different types of weak password related threats.

Here's how it works:

  • Reports on the accounts that are affected
  • Tests against 10 types of weak password related threats
  • Does not show/report on the actual passwords of accounts
  • Just download the install and run it
  • Results in a few minutes!
