Strengthening Your Practice’s Passwords: The First Layer of Defense

Cybercrime is an ever-growing and ever-evolving threat that everyone faces. Every day, there are countless attacks on businesses, healthcare providers, and individuals worldwide, often leading to data loss and compromised data. Cyber Security Ventures estimates online crime will rise 5 percent annually over the next five years. Cyber Security Ventures also estimates that online crime will cost the world $10.5 trillion dollars annually by 2025. 

Cyber Security Awareness Month wrapped up at the end of October, and the ABELDent team wants to take this chance to remind you of the importance of keeping your practice safe from data security threats. It is crucial for you and your team to protect your practice data to prevent criminals from accessing your patient’s PHI (Protected Health Information). If your patient or practice data is compromised, patient information is subject to being sold for identity theft, held for ransom, and more. In this blog, we will discuss one crucial way you can protect your practice’s data – by strengthening your practice’s password security. 

Best Practices for Maintaining Secure Passwords in Your Practice 

Keeping up with online security best practices is the first layer of defense against security breaches. To ensure there are no cracks in your practice’s data security plan, ensure your whole team maintains good password hygiene. 

• Team members should never share passwords 
  Ensuring that your team keeps their passwords to themselves minimizes the risk of potential data breaches. Having passwords in a physically accessible place, such as written down on a post-it note near your computers, poses a massive risk of someone hacking into your system. Ensure your team is keeping their password privately stored, either via memory or a safe location, such as a secure password manager. 
• Do not use obvious and easy-to-guess passwords 
  This may come across as common sense, but studies of the ten most-used passwords of 2023 show concerning results. Avoid using personal information that someone might be able to know or guess in your password, such as a child’s name, a pet’s name, or your nickname. Additionally, do not use commonly used words, patterns, or strings, such as “password” or “abc123”.  Instead, opt for a longer passphrase or a random set of numbers, letters, and special characters that you safely store in a password manager or remember with a memory trick. Your passwords should be at least 8-12 characters in length, or even longer. 
• Change passwords routinely
  It is a common recommendation to change your passwords approximately every three months. Changing your password every few months helps you stay one step ahead of people who may want to discover it. Updating your password regularly prevents constant access to someone who may be attempting to gain control of your account. Do not reuse passwords, as this puts you at risk from a hacker using a previously known password to access your program/account. 
• Turn on two-factor authentication when you can 
  Many programs and websites allow you to use multi-factor authentication (MFA) for logins. Enabling MFA decreases the chances of a hacker accessing your account and is a strong protective measure you should take for any websites that allow you to, for instance, for your practice’s social media accounts. 

Password hygiene is just one crucial method of protecting your practice’s valuable data. Other factors that come into play in data protection have to do with your team knowing how to spot dangers and avoiding opening/clicking any dangerous attachments or links. In a 2021 report, phishing is the initial cause of around 22% of data breaches. Keeping your entire team up-to-date on security training helps prepare them to spot phishing attempts, suspicious emails, calls from social engineers, and other potentially dangerous activities. While maintaining good password hygiene is critical, having an educated team is also important, along with other factors that we have discussed in previous blog posts. 

To help you better protect your practice data, ABELDent is updating ABELDent’s password protection measures. To learn more information on ABELDent’s new password guidelines, read below. 

ABELDent Cloud and Local+ Password Requirements: 

• Each password must contain at least eight or, optionally, twelve characters 
• Each password will require at least one upper-case letter, one lower-case letter, one number digit, and one special character 
• Each user must reset their password every three months 
• A password reset cannot use any of the last three password values 
• After five consecutive incorrect password attempts, the system will lock the user out of the ABELDent software for 30 minutes or until an administrator resets the password for the user 

This update began rolling out in November 2023 and will reach all ABELDent Cloud and Local+ users in early January 2024. After receiving the update, each user will have 30 days to reset their password with a strong password. Each time a user opens ABELDent, until the password is reset, the user will be reminded how many days are remaining. If the user has not reset their password after 30 days, they will be required to reset their password the next time they log in. 

ABELDent LS 14.8.2 Password Requirements: 

• Each password must contain at least eight or, optionally, twelve characters 
• Each password will require at least one upper-case letter, one lower-case letter, one number digit, and one special character 

How to Update My ABELDent LS 14.8.2 Password?

An administrator can activate the strong password feature in ABELDent LS 14.8.2 by selecting Reset Password in each user’s profile in the ABELDent Authorization Manager. When Reset Password is selected for a user, the user will be required to select a password that meets the requirements above when they next log in.