Password Security

Choosing a "strong" Kalix login password is essential. This article will detail how to create and manage secure passwords.


Weak Passwords

The most important aspect of security in a cloud-based system like Kalix is your choice of password. It is very important to choose a strong, unique password and then to keep it safe. A few tips about how to do this are shown below:

Use a mix of letters, numbers, and symbols in your password

This also makes it harder for someone to guess your password. The table below shows the amount of time it takes for password cracking software to generate every possible combination of letters for a given number of characters (courtesy of Lifehacker).

Longer passwords take much longer to hack: from 5 minutes for a 6-character password to 4.5 years for a 10-character one. Likewise, passwords containing a combination of characters (uppercase, lowercase, numbers and symbols) take more time to hack than lowercase-only passwords (from 2.23 hours to 2.21 years for a 7-character password, because it has 30,000 times as many possible combinations).

Don’t use personal information or common words as a password

Create a unique password that's unrelated to your personal information and uses a combination of letters, numbers, and symbols. It can be easy for others to access or guess your personal information such as dates of birth, children's names and favorite sports teams.

Don’t use simple words or phrases like "password" or "letmein," keyboard patterns such as "qwerty" or "qazwsx," or sequential patterns such as "abcd1234"; these are also very easy to guess.
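The checks described above can be automated. The following is an added example, not Kalix code: a small Python checker that flags short passwords, missing character classes, common passwords, keyboard patterns, sequential patterns and personal information. The deny-list, the four-character run length and the function names are assumptions made for illustration.

```python
import re

# Constructed sample deny-list: the weak choices the article names, plus a few more.
COMMON = {"password", "letmein", "qwerty", "qazwsx", "abcd1234", "123456", "iloveyou"}
# Keyboard rows and columns, used to spot "walks" such as qwerty or qazwsx.
KEYBOARD_RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "qazwsxedcrfvtgbyhnujmikolp"]
ALPHABET_RUNS = ["abcdefghijklmnopqrstuvwxyz", "0123456789"]


def _has_run(text, sources, min_len=4):
    """True if text contains min_len consecutive characters of any source, forward or reversed."""
    for src in sources:
        for seq in (src, src[::-1]):
            for i in range(len(seq) - min_len + 1):
                if seq[i:i + min_len] in text:
                    return True
    return False


def check_password(password, personal_info=()):
    """Return a list of problems; an empty list means the password passed every check."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^a-zA-Z0-9]"]
    if sum(bool(re.search(c, password)) for c in classes) < 4:
        problems.append("missing a character class")
    # Strip trailing digits and symbols so "Password1!" is still caught as "password".
    core = re.sub(r"[^a-z]+$", "", lowered)
    if lowered in COMMON or core in COMMON:
        problems.append("common password")
    if _has_run(lowered, KEYBOARD_RUNS):
        problems.append("keyboard pattern")
    if _has_run(lowered, ALPHABET_RUNS):
        problems.append("sequential pattern")
    for item in personal_info:
        # Ignore very short items to avoid matching stray letters.
        if len(item) >= 3 and item.lower() in lowered:
            problems.append("contains personal information")
            break
    return problems
```

Passing every check does not make a password strong by itself; a password that has appeared in a leak is weak however it is composed, which is why a unique password per site still matters.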

Reusing passwords

Another common mistake is reusing the same password on multiple sites. If someone figures out your password for one account, that person could potentially gain access to your email, address, and even your money. Some sites and programs do not follow best practices for password management, and human error can always occur, resulting in password leaks. The only way to stop these leaks from spreading is to have a different password for each service you use.

Password Manager Tools

Trying to think of unique passwords for each site, making sure they are ‘strong’ passwords and then remembering all of them, is near impossible! Luckily there is a simple solution: use a password manager. Password managers generate strong, unique passwords (using a combination of letters, numbers, and symbols) and remember them for you. Below are two commonly used solutions:

Creating strong passwords

These password manager tools also require a master password to access. Choosing a strong password for these solutions is paramount. How can you choose a strong password that is also easy to remember? Many recommend using a passphrase. A passphrase is typically a sequence of words or text strung together to create a strong password. The difference between a passphrase and a password is that a passphrase is typically longer and uses whole words or variations of whole words to create nonsensical sentences or phrases that are easy for you to remember, but hard for someone else to guess or crack. See here for details.
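A passphrase is only as strong as the randomness behind its words. The following is an added example, not Kalix code or any password manager's code: it picks words with Python's `secrets` module and reports the resulting entropy. The word list, the 70-bit default target and the function names are assumptions made for illustration.

```python
import math
import secrets

# Constructed 16-word sample list so the example runs offline. A real list
# should hold thousands of words; this one gives only 4 bits per word.
SAMPLE_WORDS = ["anchor", "biscuit", "canyon", "dolphin", "ember", "fossil",
                "glacier", "harbor", "ivory", "jungle", "kettle", "lantern",
                "meadow", "nectar", "orchid", "pebble"]


def entropy_bits(choices, length):
    """Bits of entropy when `length` items are each picked uniformly from `choices` options."""
    return length * math.log2(choices)


def words_needed(target_bits, wordlist_size):
    """Smallest number of random words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def make_passphrase(wordlist, target_bits=70, separator="-"):
    """Build a passphrase with at least target_bits of entropy.

    secrets.choice draws from the operating system's CSPRNG; the random
    module is predictable and must not be used for passwords.
    """
    unique = sorted(set(wordlist))  # duplicates would overstate the entropy
    count = words_needed(target_bits, len(unique))
    words = [secrets.choice(unique) for _ in range(count)]
    return separator.join(words), entropy_bits(len(unique), count)
```

With a 7,776-word list (the size of diceware-style lists), six random words give about 77.5 bits, more than a 10-character password drawn at random from the 95 printable ASCII characters (about 65.7 bits). The entropy figure holds only when the words are chosen at random, not when you pick a phrase yourself.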

Single Sign On + Two-Factor Authentication

Some sites do security really well; Google and Microsoft are examples. These sites offer a feature called ‘two-factor authentication’. When you want to log in, you have the option of also entering a code that is sent to your mobile device. It adds an extra security step, as any potential hacker would also have to steal your phone to log into your account. While Kalix does not offer ‘two-factor authentication’, we do offer you the ability to log into our site via these highly secure sites. This method of logging in is called ‘single sign on’.

Kalix's Google, Facebook or Microsoft ‘single sign on’ effectively sends you to the selected site to sign in, and by doing so, the site verifies your identity for us. By using this feature you can get all the extra security of ‘two-factor authentication’ plus the added benefit of not needing to remember another password!

Protecting Your Clients

Ensuring your client records remain safe and secure is very important. At Kalix, we work hard to make sure we follow best practices in security. However, as a user, there are steps you must take to close ‘the security loop’.

  • Choose strong passwords: at least 8 characters (the longer the better), with a combination of uppercase and lowercase letters, numbers and symbols.

  • Do not choose commonly used passwords.

  • Do not re-use the same password on multiple sites.

  • Consider using a password manager to generate and store ‘hack-proof’ passwords.

  • Use ‘single sign on’ for Kalix.

  • Don't leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. If you decide to save your passwords in a file on your computer, create a unique name for the file so people don't know what's inside. Avoid giving the file an obvious name, such as "my passwords."

  • Password lock your computer and devices, so others cannot access them when you are away from your desk.
