Creating secure passwords protects you, your non-profit and your donors


These days, it seems like every few months we are hearing of another password breach at a website. Just a few weeks ago one of the world’s largest online gaming companies, Blizzard, suffered a digital security breach and thousands of passwords were compromised. A month before that, the popular social networking site, LinkedIn was also hacked.

While there is not much that can be done when those things happen, you can take action to ensure your online identity and the identity of your agency remain secure. The first line of defense is coming up with a secure password.

Every site you sign onto will ask for a password. Furthermore, some people might need a password to sign into your computer. That can be a lot of passwords to try to remember. Here are a few tips on how to create memorable and secure passwords:

  • The longer the password, the better. While creating short but extremely random passwords might be a great strategy if you only have a few passwords to remember, chances are you have quite a few sites that require a password. This is why creating a long password is best. One idea is to think of a story you will never forget and put together a phrase with a few numbers based on that story. That phrase with a few numbers provides you with much better security.
  • Complex over simple. While you do not want a random collection of numbers and letters, you do want your password to have some complexity. This can be accomplished through the use of upper and lowercase letters, numbers and special characters. A general rule is to have  at least one of each in your password.
  • No personal information. Do not include things such as your address, phone number, birthdate, social security number, etc in your passwords. If for some reason a site that you are subscribed to is hacked, the hacker can use this information to link together other information on the web and find out who you are. In no time, your identity theft has your credit card numbers and other personal information.

It is best to have a different password for each site to which you are subscribed. If you are concerned about remembering a bunch of passwords, then there are password managers available to help you. Google Chrome and other browsers offer a password managers that save an encrypted version of your password for you, which will auto-complete the next visit that site. There are also independent password managers such as KeePass that also will save your passwords for you.

Your non-profit organization might already have a policy on creating passwords. So, before following any of the advice in this post, make sure you check with your IT Department and make sure your passwords are compliant. Also, remember to change your passwords often. A good rule of thumb is to change them every three months to keep accounts secure.

These best practices aren’t just necessary for your online activity. They also applies to internal software such as password protected donor databases.

Anyone else have some great password creation tips? What password manager do you use? Does your agency have a password creation policy? If so, would you be willing to share it with other readers? Let’s talk about all of this in the comment section!

Advertisements

About DonorDreams

Erik got his start working in the non-profit field immediately upon graduation with his masters degree in 1994. His non-profit management and fundraising experience numbers nearly 20 years. His teachable point of view around resource development is influenced by the work of Penelope Burk and those professionals subscribing to a "donor centered" paradigm. Donors have dreams and it is our responsibility to be dream-makers because donors are not ATMs.

Posted on August 27, 2012, in Mondays with Marissa, nonprofit, technology and tagged , , , , , , . Bookmark the permalink. 3 Comments.

  1. Marissa . . . do you have anything that you can share with readers regarding a written password protection policy?

    I also know that many agencies worry about getting hacked and losing staff and donor data. Is there anything you can share with readers that can help them update their crisis communications plan in the event that the agency’s systems get hacked and privacy has been compromised.

    Great post . . . thanks!

    ~Erik

  1. Pingback: Creating a Secure Password

  2. Pingback: Are you who you say you are? « bluedeckshoe.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: