Logins and Passwords

Website: [insert the website, appstore download location, etc.] Login Information: Username: Password:

Website: [insert the website, appstore download location, etc.] Login Information: Username: Password:

Generate login credentials following security standards. Use strong unique passwords - at least 12 characters with mixed types. Never reuse passwords across systems. Use a password generator rather than making them up yourself. Humans are terrible at randomness.

Put credentials in a password manager - not spreadsheets, sticky notes, or documents. Use your company approved password vault with proper access controls. Share via the vault, never email or message passwords. Secure storage is the foundation of credential security.

Turn on MFA everywhere it is available. This is your second line of defense when passwords get compromised. Use authenticator apps over SMS when possible. Set up backup codes and store them securely. MFA stops most account takeovers.

Grant credentials only to people who need them for their role. Document who has access to what. Review access lists regularly and remove people who no longer need access. Former employees should be cut off immediately. Least privilege prevents unnecessary exposure.

Change passwords periodically and immediately after any suspected breach. Enforce rotation policies through your systems where possible. Update stored credentials in your vault right away. Old passwords that get leaked can be used later if not changed.