It’s no surprise to nurse practitioners and other healthcare providers when we learn of yet another large company who has been hacked. These companies have ranged from the retail, financial, and medical sectors. Credit card numbers, social security numbers, identity and even medical records have been compromised.
If these companies, with large IT/security departments cannot keep their data secure, what are we suppose to do in our small practices? For that matter, how to we secure data at home?
Healthcare providers are no stranger to the more complex rules regarding passwords. We run into this everyday with our EMRs, insurance verification sites, banking and more. More often than not, we are required to change passwords every 30-60-90 days. This means we have to choose a password that has 8-13 characters, at least 1 number, 1 upper case letter and 1 of the approved symbols (or any variation thereof). Oh, and you cannot use a password that you used the last three times. We know the drill and it can be annoying, frustrating and time consuming.
Yet despite all the security, we often use passwords that we can remember, which also tends to be passwords which are relatively easily hacked. If we happen to use a more “secure” password, it’s often written on a sticky note and posted on the computer, or the password list is taped under the keyboard.
Or, we use a notebook. True confessions here. A long time ago, before I’d ever heard of a password manager, I kept a small binder next to my computer. It contained all my user names, passwords and links to everything I needed. I even traveled with that notebook. Of course, it was not stored on my computer for easy hacking, but it was easy enough for someone to find the note work and have access to all my banking, credit cards, and any other website I had login information for. Oh, and that of my families as well. Not smart.
What passwords to we use most often?
SplashData, a internet security firm posts an annual report based on stolen passwords. Reading this list and we see why it’s so easy to hack into site! Passwords used include 123456, password, abc123, 11111, iloveyou, letmein, 123123, admin and password1 and more.
If you’d like to check the security of a password you are using and see how long it might take for it to be hacked, you can try it out at https://howsecureismypassword.net/.
Because hackers have devised software that can hack into sites in the blink of an eye, it’s important that we follow a few rules regarding passwords: (this list is no where near inclusive, but I think you get the idea):
- Never use your birthdate, social security number or name. Don’t use your children’s either.
- Avoid your street address, city, zip code.
- Do not use words that come out of the dictionary.
- Use passwords that contain at least 10+ characters, numbers and symbols.
- Use a password manager.
An excellent way to reduce your risk of being hacked is by using a password manager. A good password manager will also contain a password generator allowing you to configure secure password, and securely store that password for you. As the user, you will only have to remember one secure password to get into your account.
Caution: you must create a password you’ll be able to remember. As a rule, you’ll not be able to recover the password and will have to start over again. Trust me on this…that’s exactly what happened to me.
There are several password managers out there. Some are free and some cost. I’d recommend you find one that is cross platform, meaning you can use is on your computers, smart phones and tables, regardless if they run windows, android, iOS or mac.
I recommend you get one you’ll end up paying for so you can synch across multiple devices and not limited by how many passwords you are storing. It will range from $12-40/annually. Well worth the cost Here are the three most popular password managers today.
Which one do I use? I’ve been using Roboform for several years now. I love how easy I can generate new passwords and have everything synched across my devices. It also has an area called “safe notes” where I can store any information I want…credit card numbers, passport numbers, software activation codes etc.
Regardless of which password manager you use, it’s critical that you use one . Remember to pick a long complicated password that with a bit of work, you will be able to remember. And then use it on every site you visit. Let the password manager do the remembering for you.
So tell us: How do you manage your password? What do you use for your office staff?