In the hands of the wrong person, your company passwords could create quite a situation. It could be very costly, and a huge waste of time.
As you know, your passwords are the key element to keeping your organization’s online experience secure. As your organization gets gradually more involved with social media, you will find yourself with many passwords. You will need one for your Twitter account, others for YouTube, PayPal, Google, etc. If you use the same password for everything under the sun, think of the damage it could cause if someone manages to figure out your password – they now have access to all of your accounts.
Do you know how long you have been using the same passwords? How often do you change them? Who has them? Where do you save them? What happens when you fire an employee? Who has your Facebook password? If your password is compromised, do you have a plan in place?
To make things simple for you, here is an idea that may be worth adopting as your organization’s password policy.
As the title of this post says, you do not simply change your password; instead, you change your password FORMULA.
This will simplify your password policy, and has many advantages.
- First, you will only have to remember one formula!
- Second, if someone gets hold of one of your passwords by mistake, they won’t be able to access your other accounts unless they know your formula.
- Note: Do not tell anyone that you are using a formula.
Choosing a formula
Let me give you an example of a simple password formula that your non-profit can begin adopting today. When choosing your first formula for 2012, keep in mind the following:
- Most passwords need 8 characters
- Some passwords need at least one CAPITAL letter
- Not all passwords support special symbols, while some require them
- A few passwords have to be 12 characters long
- Include letters from the media you are using
For example, you can decide to choose the word ‘cat’, followed by the first and the last letters of the media this password is for, followed by the number ‘334’. Therefore, your passwords for PayPal, Facebook and Twitter would respectively be: ‘catPl334’, ‘catFk334’ and ‘catTr334’.
Your formula can have a special character and a longer-version variation. You may decide to replace your last character with the ‘%’ sign. This becomes your special character variation. Use it in all of your accounts that support special symbols. If you are creating accounts for employees, use part of their name, for example the second letter of their first and last names: for Alex Fausse, use ‘la’.
When do I need to change our password formula?
I personally change mine only once per year – but every six months would be safer. Every time an employee leaves, you need to change your formula and update all your passwords accordingly. When you hire a temporary contractor or staff, you can temporarily go back to your previous formula on accounts they will be using.
Once you have decided on a special character variation and 12-character variation, there is no need to ever change them, other than for technical reasons. So basically, if your 12-character variation is to simply add ‘J007’, just stick to that.
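The ‘cat’ + site letters + ‘334’ formula from the example above, together with the ‘%’ and ‘J007’ variations, written out as a short Python sketch that also checks the results against the site requirements listed earlier and reports which character positions differ from one account to the next. This is an added example, not part of the original post: the function names are hypothetical, the capitalisation of the site letters is inferred from the sample passwords, and appending ‘J007’ after the ‘%’ substitution when both variations are used is an assumption.

```python
import string


def site_tag(site):
    """First letter (upper case) and last letter (lower case) of the site name."""
    letters = [c for c in site if c.isalpha()]
    return letters[0].upper() + letters[-1].lower()


def formula_password(site, word="cat", number="334", special=False,
                     long=False, special_char="%", long_suffix="J007"):
    """Build word + site tag + number, then apply the optional variations."""
    pw = word + site_tag(site) + number
    if special:
        # Special-character variation: the last character becomes the symbol.
        pw = pw[:-1] + special_char
    if long:
        # 12-character variation: append the fixed suffix.
        # Assumption: when both variations are used, the suffix goes last.
        pw += long_suffix
    return pw


def meets(pw, min_len=8, need_upper=False, need_symbol=False):
    """Check a password against the kinds of site requirement the post lists."""
    has_upper = any(c.isupper() for c in pw)
    has_symbol = any(c in string.punctuation for c in pw)
    return (len(pw) >= min_len and (has_upper or not need_upper)
            and (has_symbol or not need_symbol))


def differing_positions(passwords):
    """Zero-based positions where equal-length passwords are not all identical."""
    if len({len(p) for p in passwords}) != 1:
        raise ValueError("passwords must have the same length")
    return [i for i, chars in enumerate(zip(*passwords)) if len(set(chars)) > 1]


if __name__ == "__main__":
    # Constructed sample input: the three sites named in the post.
    sites = ["PayPal", "Facebook", "Twitter"]
    base = [formula_password(s) for s in sites]
    print(base)
    print(formula_password("PayPal", special=True))
    print(formula_password("PayPal", long=True))
    print(differing_positions(base))
```

With the post's sample values, the three base passwords differ only at the two site-letter positions; everything else is the shared part of the formula.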
Where do I document my formula?
Nowhere! Do not tell anyone what the formula is, do not email it, and do not even tell your staff you are using a formula. Every six months, simply inform staff members of the new passwords you have selected, preferably not via email. If you absolutely have to email a password, make sure the user name is sent in a separate email.
Having a Password Policy will give you a more secure online presence, and will help keep your organization safe from those who don’t want to see you succeed.
Social Media
It is best to use social media management software, and create a user account on it for your staff. This way, no one needs to know your Facebook or Twitter corporate password and, if an employee leaves, you can simply lock out their account from your social media management software.
Happy New Year!