Should We Kill The Password?


Do your employees still use “12345678” as their PC password? Not such a good idea. In today’s world, a strong and complex password is the key to company security. The digital world forces us to create multiple passwords for business and personal use, and this can create password laziness. Using guessable passwords like “1234” makes you an easy target for hackers.

For starters, passwords should not have any kind of emotional attachment to the user. Don’t use events such as your wedding date, your son’s birthday, or the year you graduated high school in your account passwords. They are easy to guess by people who know you or who can see this information with a simple online search.

Another factor that contributes to password weakness and cyber risk is human error: sharing our passwords with friends or co-workers, or writing passwords down and leaving notes in obvious places. Since we have so many passwords to remember, writing them down hastily on a post-it and leaving it on a monitor is commonplace.

 

Today, security experts recommend the following for password creation:

  • Passwords should be at least eight characters long.
  • Passwords should be a mixture of letters, numbers, capital letters, and special characters.
  • You should change your passwords every three months.
  • Your passwords should be unique for each online service. So, don’t use “MamaCat123%$” for every site account.

 

Once one site is compromised, you’re left vulnerable if hackers think to use that same password for other accounts.
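The recommendations listed above can be checked mechanically. The following Python checker is an added example, not code from the original post; the function name `check_password`, the short common-password list, and the reading of "three months" as 90 days are assumptions made for illustration.

```python
import re
from datetime import date

# Constructed list of guessable passwords; the first two are quoted in this post.
COMMON = {"1234", "12345678", "password", "qwerty", "letmein"}

CLASSES = {
    "lowercase letter": r"[a-z]",
    "capital letter": r"[A-Z]",
    "number": r"[0-9]",
    "special character": r"[^A-Za-z0-9]",
}

def date_forms(d):
    """Common ways a date ends up in a password (year alone, MMDDYYYY, ...)."""
    fmts = ("%Y", "%m%d%Y", "%d%m%Y", "%Y%m%d", "%m%d%y", "%d%m%y")
    return {d.strftime(f) for f in fmts}

def check_password(candidate, personal_dates=(), other_passwords=(),
                   last_changed=None, today=None):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    if len(candidate) < 8:
        findings.append("shorter than 8 characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, candidate):
            findings.append(f"missing {name}")
    if candidate.lower() in COMMON:
        findings.append("on the common-password list")
    # Strip usual date separators so "06/15/2013" and "06152013" both match.
    squeezed = re.sub(r"[-/. ]", "", candidate)
    for d in personal_dates:
        if any(form in squeezed for form in date_forms(d)):
            findings.append(f"contains personal date {d.isoformat()}")
    # Reuse check: compared in memory only, e.g. against the user's own vault entries.
    if candidate in other_passwords:
        findings.append("already used for another service")
    # Assumption: "every three months" is read as 90 days.
    if last_changed is not None:
        age = ((today or date.today()) - last_changed).days
        if age > 90:
            findings.append("not changed in over three months")
    return findings

if __name__ == "__main__":
    wedding = date(2013, 6, 15)  # constructed sample date
    for pw in ("12345678", "Wed06/15/2013!a", "Tr4il-mix&Kettle"):
        print(pw, "->", check_password(pw, personal_dates=[wedding]) or "ok")
```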

Mobile use has also been identified as a weakness in password creation. Experts have found that mobile passwords aren’t nearly as strong as desktop ones. The mobile keyboard is awkward for many, and users tend to create shorter, riskier passwords on their cell phone.

However, hackers are quickly catching on to these current password recommendations. So what else can you do?

 

1. 2SA and MFA (2-step authentication and multi-factor authentication) 

A 2-Step Example: If you’re logging into a different PC to do your personal banking, you should have to not only enter your password but get a code delivered to you via text or email to verify your identity.

An MFA Example: Having to enter a security code, a password, and a memorable question to log into any kind of financial account.

 

2. Password Vault

A password vault is a type of software or app that allows users to store and organize passwords. These password managers usually store encrypted passwords, requiring the user to create a master password – a single strong password, which gives the user access to their password database. LastPass is an example of a password vault.

 

So what are the alternatives? Many people think futuristic notions such as eyeball scanning or even just using selfies as identification are way stronger than relying on passwords for data security. As soon as technology advances, hackers are right there to put the newest improvements in tech at risk. Although passwords alone aren’t the answer to company security, effective and strong passwords are a good start.

 