Password Security
(Management)
Breaches are on the rise.
One significant way cyber-criminals can violate systems is with compromised passwords. It doesn’t just stop at the compromised password; the attacker then infiltrates to gain more confidential information. This could lead to the pure destruction of not only personal information but the integrity of your business. It’s as straightforward as this:
- 78% of attackers use stolen passwords to gain access to business applications.
- 43% of cyber-attacks target small businesses.
- STOLEN PASSWORDS 78%
- CYBER ATTACKS 43%
Why do I need different passwords?
If you keep your passwords written down at your desk, or in an unencrypted text file often called “passwords,” you are shooting your business in the foot as you are inviting problems inside your organization.
Everyone knows passwords need to be unique and secure, but do you really know what unique is?
65% of end-users are using identical passwords for multiple accounts.
Most people never change their password habits. When a password is changed, people simply add a 1 at the end and then replace the 1 with a 2 in an attempt to keep the password short. It turns out that short passwords, no matter how complex, can be cracked. Complexity makes it impossible not to write them down, right!?
The latest trend in passwords is passphrases; here is an example maryhadalittledog1!. This password takes 2 hundred trillion years to crack. If you want to check your password, visit Security.Org.
Even if you come up with a great password, it needs to be unique. If you are using the same password on more than one website or service, you are increasing your odds of being a victim of cybercrime by 50% each time.
A company can have over 500 passwords. It’s impossible to remember them all and not get confused as to which one to use and where.
What is the solution?
A password manager! You create one master password that you remember, and the password manager does the rest.
Password management dramatically reduces your risk of attack by forcing unique and easy-to-use credentials for your entire staff. When a person leaves a company, no one thinks to get their passwords. With a password manager, you still have the passwords, and the ex-employee does not take them with them when they leave. They stay with you, and the ex-employee is cut off from access to them. A password manager also allows the sharing of passwords within the company.
A password manager protects against keylogging programs that record your keystrokes and steal your passwords. A password manager will auto-load your login credentials without having to type them. Stopping keyloggers from recording your credentials and gaining access to confidential information.
Two-factor authentication (2FA) is a great way to help keep your passwords secure. This uses a revolving key on your phone. So if someone does steal your password, they wouldn’t have the key to get into the site. To tighten security, you need to implement 2FA wherever possible. It is a crucial question on all cyber security insurance policies. We can help you set that up.
If you’re still uneasy, you can export your passwords to a file and save that file in a vault. You can also restrict employees from doing so. That way, they can’t easily take your passwords with them when they leave the company. In the end, the reason to talk about password management is that it’s needed. Without it, you might as well just put the passwords on a Post-it.