How to Create Strong Passwords for Your Business

Troy Gerrie • June 14, 2023

In today's digital age, protecting sensitive information is of utmost importance, especially when it comes to your business. One of the simplest yet most effective ways to safeguard your accounts is by creating strong passwords. A strong password can significantly reduce the risk of unauthorised access and potential data breaches. In this article, we will explore some essential tips on how to create strong passwords for your business.

Length and Complexity Matter: Passphrases

When it comes to passwords, length and complexity are crucial. Instead of relying solely on complex strings of characters, consider using passphrases. Passphrases are longer phrases or sentences that are easier for you to remember but harder for attackers to crack. Aim for passphrases with a minimum of 12 characters or more. For example, instead of using "Password123," you could use "Ilovet0BeSecure!" or "DancingInTheRainIsFun!" Incorporate a mix of uppercase and lowercase letters, numbers, and symbols to make your passphrase even stronger.

Unique Passwords for Each Account

Using the same password for multiple accounts is a common mistake that can lead to disastrous consequences. If one account is compromised, the attacker will gain access to all your other accounts. Make sure to use different passwords for each account you access, whether it's for your email, social media, or business-related platforms. This way, if one account is compromised, the damage is limited.

Avoid Common Words and Personal Information

To create strong passwords or passphrases, avoid using easily guessable words, regardless of language, or personal information such as your name, family member names, pet names, birthdays, etc. Hackers often employ automated tools that can crack passwords using common words or personal details. Be creative and choose unique combinations of characters that are not easily associated with you. Consider using phrases or sentences and replacing letters with numbers or symbols.

Enable Multi-Factor Authentication (MFA)

Multi-factor authentication provides an additional layer of security for your accounts. It combines something you know (your password) with something you have (a mobile phone, physical key, etc.). Whenever possible, enable MFA for your business accounts. This added step ensures that even if your password is compromised, an attacker would still need access to the second factor to gain entry.

Regularly Change Passwords

Changing passwords regularly is a hot debate, some Cyber Security experts would argue that they should be changed on a regular basis while others would encourage against this as it can create dangerous password rotation mechanisms.


This industry standard has long stood at rotating your passwords every 180 days and Yorb is happy to support either situation. If you suspect any compromise or unauthorised access to your account, change your passwords immediately. By frequently changing passwords, you minimize the risk of someone accessing your accounts with old or previously compromised passwords. This practice ensures that even if someone manages to obtain your password, they will have a limited window of opportunity to exploit it.

Use Secure Password Managers, Avoid Browser Password Managers

While browser password managers may seem convenient, they can pose security risks. Some browsers store passwords in clear text and do not implement robust password protection by default. Instead, opt for dedicated password manager tools. Secure password managers are designed to encrypt and store your passwords in a protected vault. They generate strong, unique passwords for each account, eliminating the need to remember multiple complex passwords. These tools often offer additional features like password sharing, secure password syncing across devices, and two-factor authentication.

Don't Enable Automatic Logins

Avoid allowing websites to automatically log in to your accounts. While this feature may save time, it can pose a security risk. Many services store this information locally, and if an attacker gains access to your device, they can easily exploit this functionality to log in to your accounts without needing your password. Always prefer manually entering your login credentials to ensure better security. This way, you have better control over your account access.

Keep Passwords Confidential

Never share your passwords with anyone, regardless of the circumstances. Legitimate businesses will never ask for your login credentials via email or phone calls. Be cautious of phishing attempts, where attackers try to trick you into revealing your passwords. Always verify the authenticity of any communication before providing any sensitive information. Educate yourself and your employees about the dangers of sharing passwords and the importance of keeping them confidential.

Follow Your Organisation's Password Policy

If you are part of a business or organisation, it's crucial to adhere to its password policy. Many organizations have specific guidelines in place to ensure the security of their systems and data. Familiarise yourself with these policies and make sure to create strong passwords or passphrases that meet the requirements. Additionally, use separate passwords for work-related and personal accounts to prevent cross-contamination.


Remember, a strong password is your first line of defense in safeguarding your business's valuable assets and sensitive data. Invest the time and effort to create unique, robust, and memorable passwords or passphrases for each of your accounts. Stay vigilant, stay informed about emerging security practices, and make password security a priority in your business. By implementing these measures, you can fortify your business against unauthorised access and ensure the protection of your valuable digital assets.

Recent Posts

MCI & Associates and Yorb: A journey from support to strategy

April 10, 2025
MCI & Associates is an accountancy firm with over 45 employees across offices in Dannevirke and Pahiatua. The practice services a diverse range of clients, including those in the farming and commercial sectors, and its core services include tax preparation, business advisory and planning, and general accounting. The relationship between Yorb and MCI goes back over three decades to when both companies were in their formative stages. The trust-based relationship has endured and evolved as each business has grown and matured - going through name and ownership changes.

Cyber security in small-town NZ: why it’s time to pay attention

March 26, 2025
If you think cybercriminals only go after big corporations in major cities, think again.  The majority of incidents recorded by the NCSC impact individuals and small to medium businesses, proving that cyber threats don’t discriminate based on location - they target opportunity. With over 23,000 reports to the Netsafe helpline, and $17.8M in losses reported last year, small-town businesses are very much in the spotlight. In the past few months alone, three local accounting firms in regional New Zealand have suffered a data breach,and local ISP - Inspire was recently the target of a malicious cyber attack.

What's happening at Yorb - Q1 2025

March 21, 2025
We've had a flying start to the year, and given we're really just past the point where you start to realise what day it actually is, we thought we'd share everything we've been working on lately. 2024 In Review As we reflect on 2024, it's clear that this year has been one of remarkable achievements and significant advancements for Yorb. We were very proud that we won the Reseller News Innovation Awards in the Regional Partner Category, a testament to our commitment to excellence and innovation. AI has continued to dominate the headlines, with some businesses making great strides in how they work and interact. However, the majority are still grappling with understanding the full impact of this technology on their business, industry, and society. As we navigate this evolving landscape, companies must adapt to the security implications, ensure the integrity of data, and adjust to changing work and consumer patterns. In line with our commitment to security, we launched our new Security Platform, Yorb Defender 2.0. Designed from the ground up to be Essential 8 compliant, we believe this solution is now a best-in-class product that meets the requirements of modern business. 2025 Looking Forward Looking ahead to 2025, we have set ambitious goals following the EOS business framework. Our recent Annual Planning has helped us develop our 10-year, 3-year, and 1-year goals, with a strong focus on several key areas: Client Experience: We are dedicated to ensuring that every interaction with Yorb meets and exceeds your expectations. Automation Platforms: We will continue to develop our automation platforms to provide more consistent and efficient service. Investing in New Technologies: Our focus will be on AI, Hyper-Automation, and Data Governance to stay ahead of the curve. Team Development: We are committed to investing in our team, ensuring they receive the best skills training in technical, people, professional, and business areas. We will are also excited to be launching business peer groups focussed around AI, bringing together business owners and leaders from across the regions to explore what the future holds for all of us. This year we are injecting new energy into our Total Support agreement, we believe there is more to our partnership than phones calls, Teams Conferences and remote support. We are therefore introducing ongoing scheduled visits as part of the contract, alongside a productivity focus with scheduled access to our development team. Kicking off this year will be monthly seminars on topics such as Security, AI, Productivity, we want to hear what topics matter most to you. Look out for your invite in the coming weeks. I’m incredibly excited by 2025 and the opportunities it brings, we call breath a collective sigh that 2024 is behind us lets get cracking on what promises to be a great year. Daniel Goymer CEO