Passwords

One of the most popular (and unfortunately, successful) scams is to send an email that your account is expiring. To avoid disruptions, just enter your username and password, or just click the link and enter your password so your account doesn’t expire—NEVER do this!

We will NEVER ask for your password (and please don’t tell us!). This is something you should keep secure and never share—not even with your team members. A password manager is a great way to manage and secure these passwords.

Several years ago, the standard was to change the password every 90 days, and many banks enforce this older policy.

The newer protocols have incorporated Multi-Factor Authentication (MFA) which usually involves an authenticator app or a code to a separate email or sent as a text. Strong passwords now mean at least 16 characters with a mix of upper- and lower-case letters, numbers, and special characters.

We recommend that you do not share or reuse passwords. We are very aware that this can be hard, so a password manager can be helpful. And we recommend you enforce MFA for all users. This means all users MUST have MFA in place. As I write this, a friend’s logistics company had an incident, and they had NOT enforced MFA; such a tragedy! –CMW