
Tips to strengthen your company’s passwords (and yes, they need strengthening)

This article was updated on October 3, 2020.

In theory, we all know what makes a strong online password. Putting it into practice? That’s another story.

If we want to protect our corporate and personal information from hackers, our passwords should be unique, long and contain a variety of characters. They should also be changed on a regular basis.

But the process is inconvenient. So, it should come as no surprise that most people—and most businesses—don’t do enough when it comes to password protection. In fact, according to a 2018 Verizon Data Breach Investigations Report, 81 percent of hacking-related breaches were the result of stolen and/or weak passwords. [1]


Fortunately, there are ways to alleviate today’s very real password-related cyber risks, and they aren’t that difficult. But remember, no solution is perfect on its own, so the more safeguards you integrate into your cybersecurity posture, the better off you’ll be.

Simple ways to strengthen your password protection

1. Stop using email addresses as your username

That’s it, nothing more!

2. Invest in password protection software

While there are a variety of password protection software solutions in the marketplace, they essentially function the same way. You just need to remember one good strong password to access the storage app. From there, the software itself can securely log you into all your other accounts. These apps also typically generate extremely secure passwords when you sign into new sites or launch new accounts—which can further alleviate the password burden.

Keep in mind, though, that you get what you pay for—so it’s worthwhile to do some research and consider spending a little more on apps that will significantly enhance your security posture.

3. Change passwords every 30 days

Employees should be required to create new passwords every 30 days—and deterred from reusing old passwords or creating similar ones.

4. Invest in two-factor authentication software

Two-factor authentication requires users to input a password plus another security element, such as fingerprint and/or facial recognition, to confirm their identity.

Steps to avoid when creating your passwords

1. Using an email address as the login username

That’s it, nothing more!

2. Reusing passwords

Finding the perfect password—one that’s not only the right length, but also includes the ideal mix of characters and is easy to remember—is quite a feat. So, it makes sense that once you find one, you reuse it—again and again and again. Unfortunately, hackers love this because, if they crack the code once, chances are they’ll be able to use that same code to access other accounts down the road.

3. Forgetting about your personal accounts – they need protecting too!

Hackers know that if a person isn’t using strong passwords in their personal lives, they likely aren’t using them at work, either. So, while cyber criminals may initially target individuals—say, by sending a phishing email to their personal computer and accessing the passwords stored in the browser of that computer—that information can quickly be used to access corporate information too.

4. Saving passwords on your computer browser

We get it—when your computer browser offers to save your secure-but-hard-to-remember password, that’s one less thing for you to remember. The thing is, few of these programs, if any, are secure—and they’re extremely easy to hack.

Next steps to strengthening your company’s passwords

Of course, these solutions do require effort to execute, which can be inconvenient. That said, today’s cyber criminals are poised and ready to infiltrate any company prone to password shortcuts. So, if you’re debating taking steps to strengthen your password protocol, ask yourself this: Which is more inconvenient—coming up with a new password every month or dealing with a cyber breach?

If you need help strengthening your organization’s password security—or any other area of your cybersecurity posture—don’t hesitate to reach out to your Grant Thornton advisor. We’d be happy to help.

[1] https://www.tracesecurity.com/blog/articles/81-of-company-data-breaches-due-to-poor-passwords


Cyber Hotline

A 24 hour hotline to assist anyone with an urgent cyber breach or incident:

+1 844 40 CYBER
