Level 2: Immediate Actions
Guide 1 of 4

Password Security & Training

Why Strong Passwords Matter

81% of business data breaches happen because of weak or stolen passwords. Hackers can crack simple passwords in seconds using automated tools.

Reality Check: A restaurant chain lost $50,000 in sales after hackers guessed their password: "Restaurant2023!". They were locked out of their point of sale system for 3 days.

Password Requirements

Your business passwords must meet these minimum standards:

Strong Password Checklist

  • At least 14 characters long (12 is the old minimum - not enough anymore)
  • Mix of uppercase, lowercase, numbers, symbols (!@#$%^&*)
  • NO personal information - your name, business name, pet names, birthdays, addresses
  • NO dictionary words - even with numbers added
  • NO keyboard patterns - qwerty, 123456, asdf
  • NEVER reuse passwords - each account gets a unique password

3 Ways to Create Strong Passwords

Method 1: Traditional Complex Password

  1. Start with a base word (not related to your business)
  2. Replace letters with numbers and symbols (a→@, e→3, i→!, o→0)
  3. Add numbers and symbols at the beginning or end
  4. Make it at least 12 characters
  5. Example: "M0rn!ng$un$h!n3#47"

Method 2: Passphrase Method

  1. Pick 3-4 random words
  2. Add dashes, numbers, and symbols
  3. Mix in uppercase and lowercase
  4. Example: "Purple-Elephant92!Kitchen-Mountain"

Method 3: Password Manager (RECOMMENDED)

Let software create and remember complex passwords for you:

  • Bitwarden: Free for personal, $3/month for business
  • 1Password: $8/month for teams
  • LastPass: $3/month per user

Generates passwords like "X9#mL2$vK8@nP4%wR6&tY1", impossible to crack or remember!

Try Building a Strong Password

At least 14 characters
Contains uppercase letter
Contains lowercase letter
Contains number
Contains special character
No personal/predictable info
Strength: Weak
Time to crack: Instantly

Try these suggestions:

Quick Setup: Password Manager

Bitwarden Setup (5 minutes):

  1. Go to bitwarden.com and create account
  2. Download browser extension and mobile app
  3. Create one strong master password
  4. Add your existing passwords to the vault
  5. Let Bitwarden generate new passwords when you change them

Master Password Example

This is the ONE password you need to remember: "My-Business-Protects-Data-Always77!"

Write it down and store in a safe place until memorised.

Team Training

Simple 3-Step Training:

  1. Explain why: "Weak passwords are how hackers get in. Strong passwords protect our business."
  2. Show how: Set up password manager for everyone and walk them through it
  3. Give time: Allow 2-3 weeks to change all passwords

Next: Multi Factor Authentication

Your passwords are now secure. Next, add an extra security layer that blocks 99.9% of account takeover attacks.

Multi Factor Authentication NEXT

Add an extra security layer that blocks 99.9% of account takeover attacks

⏱️ 10 min read + 5 min setup per account

Back to Guides

See all security guides

Risk Assessment

Find your biggest security risks