Passwords, MFA & Account Security Best Practices

# Passwords, MFA & Account Security Best Practices

Strong authentication is one of the most important security controls you use every day.

---

## Password Rules

- Use long, unique passwords
- Never reuse passwords across systems
- Never share passwords with anyone
- Avoid storing passwords in browsers without approval

Use **1Password** (company-approved) to manage credentials securely.

---

## Multi-Factor Authentication (MFA)

MFA is required for:
- Google Workspace
- VPN
- Key SaaS tools

This usually includes:
- Password + phone prompt
- Authenticator app
- Hardware key (for some roles)

Do not approve MFA prompts you didn’t initiate.

---

## Common Attack Scenarios

Watch out for:
- Unexpected MFA push requests
- Emails asking you to “verify” your account
- Password reset messages you didn’t request

These often indicate a compromised password attempt.

---

## What To Do If Something Feels Wrong

If you:
- Get unexpected MFA prompts
- Think your password is compromised
- Accidentally shared credentials

Immediately:
1. Change your password
2. Contact **help@frontrowgroup.com**

Fast action limits damage.

---