It’s all too easy to think passwords are a nuisance, when really they are essential to keeping your data and your business safe. Find out about setting and managing strong passwords in part 1 of this password security series.
How strong are your passwords?
If you use the same password for multiple systems (online shopping, email, your company’s cloud bookkeeping solution, etc.), you’re not alone. Even Facebook founder Mark Zuckerberg did that, but in 2016 his LinkedIn credentials were compromised in a major breach. That also gave hackers access to his Twitter account because the passwords were the same.
The fact is, with just one user password, hackers can often break into multiple applications and systems.
Your whole business can very quickly be put at risk. That’s why a good security practice is to have a different, strong password for every account. A breach will be isolated to that account and the fallout will be much smaller and easier to manage.
Be extra protective of your sensitive accounts
When it comes to ultra-sensitive accounts like company servers or your banking apps, make sure the password you use isn’t one you’ve used anywhere else.
Banks usually have strong security measures, but even those won’t protect you if someone tries a password you’ve used somewhere else and it works. The consequences could be disastrous.
Email is another big one to safeguard – work and personal. If a hacker gets into your email, the potential for damage goes up exponentially. They can send out phishing, ransomware, or other malicious attacks to any or all of your contacts, and they’ll seem legitimate because they’ve come directly from you.
Be unique and strong
In addition to being unique, your passwords have to be strong. At a minimum, that means making each one long. Pick one with at least eight characters but the longer the better. If you can use phrases of multiple words instead of a single word, that’s better still.
And for goodness’ sake, don’t use “password”.
The UK government’s National Cyber Security Centre (NCSC) advocates using ‘3 random words’ for each password as an alternative to using complex, randomly generated passwords. For example, “GreenTrumpetFrog” is actually harder to guess than “Axrtgh1$”, but not as difficult as “11L7toAW8$3N@)lq+n#A”, which would be impossibly hard to remember once, never mind for hundreds of accounts.
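As an added example (not from the original article or from NCSC), the sketch below picks three words with a cryptographically secure random source and checks a candidate against the rules stated above: at least eight characters, not “password”, and not reused on another account. The word list, function names and the `used_elsewhere` set are assumptions made for illustration; the 16-word list is constructed and far too small for real use.

```python
import math
import secrets

# Constructed sample list for illustration only; a real deployment would
# load a list of several thousand words so the guess space is large.
SAMPLE_WORDS = [
    "green", "trumpet", "frog", "candle", "river", "marble", "pocket", "saddle",
    "lantern", "walnut", "harbor", "velvet", "cactus", "anchor", "pebble", "falcon",
]

MIN_LENGTH = 8           # the article's stated minimum length
BANNED = {"password"}    # the article's one explicit "don't"


def three_random_words(words=SAMPLE_WORDS, count=3):
    """Pick words with the OS CSPRNG and join them CamelCase, as in the article."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return "".join(secrets.choice(words).capitalize() for _ in range(count))


def guess_space_bits(list_size, count=3):
    """Entropy in bits, valid only if each word is drawn uniformly at random."""
    return count * math.log2(list_size)


def check_password(candidate, used_elsewhere):
    """Return a list of problems; an empty list means the candidate passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if candidate.lower() in BANNED:
        problems.append("is a banned common password")
    if candidate in used_elsewhere:
        problems.append("already used on another account")
    return problems


if __name__ == "__main__":
    # Constructed: passwords already in use. Assumed to live inside a
    # password manager's vault, never in a plain file.
    used = {"GreenTrumpetFrog"}
    new = three_random_words()
    while check_password(new, used):     # regenerate on reuse or failure
        new = three_random_words()
    print(new, "%.1f bits" % guess_space_bits(len(SAMPLE_WORDS)))
```

The entropy figure grows with the size of the word list and the number of words, and it no longer applies once a person picks the words instead of the random source.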
How can I remember all those passwords?
Fortunately there is a simple solution. A password manager enables people to use unique, strong passwords for every account.
If you have dozens or hundreds of accounts, having a different password for each one might seem like a royal pain. And long, complex passwords are definitely hard if not impossible to remember. Having the right business solution to help manage passwords is the answer.
Your brain doesn’t have to do all the work. Having the right tools is just as important as having the right practices in place.
How can IT Foundations help?
We provide a password management solution that is specifically designed for businesses to retain control of their password management process. Personal password management solutions like those commonly included in internet browsers just don’t cut it for business purposes. If you’d like to learn more about how to manage passwords for you and your team, let us know and organise a demo to walk through the benefits.
Watch out for our next blog on how you can add extra security by changing your passwords periodically.
More in this series:
- Part 1 – Strong Security Starts with Strong Passwords
- Part 2 – Stay Ahead of Hackers by Changing Your Passwords
- Part 3 – Do You Know Who Has Access to Your Systems
- Part 4 – Demonstrating Compliance with Data Security Regulations Can Be Easy if You’re Prepared