BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Does Your Workforce Create Strong Passwords?

Does Your Workforce Create Strong Passwords & Have a Plan B Cybersecurity Defense?

As the old saying goes, “a chain is only as strong as its weakest link.” Unfortunately, the new saying is that a business network is only as secure as its employees’ passwords.

Despite widespread knowledge that hackers exploit weak passwords to breach entire systems, trusted workers still use ones that are easy to guess at and repeat them across platforms. If that seems counterintuitive, business leaders may want to consider these statistics.

  • The two most commonly used passwords remain “iloveyou” and “sunshine.”
  • Approximately 23 million people use the password “123456.”
  • More than half of workforces use the same password for personal and business purposes.
  • Upwards of 57 percent of phishing email scam victims do not change their password.
  • One-third of people stop doing business with organizations responsible for compromising their credentials.

What seems stunningly illogical about rampant password protection failures stems from this statistic: Approximately 90 percent of internet users say they are worried about getting hacked due to a compromised password. Industry leaders may be left scratching their heads. But as a decision-maker responsible for ensuring the integrity of digital assets, something needs to be done. You can set company policy that educates team members about how to create and remember strong network passwords. If that doesn’t work, there’s always Plan B.

Strong Password

How To Educate Employees About Strong Passwords

Getting workers to create powerfully secure passwords may not be that difficult. Insisting on a series of unrelated letters, numbers, and characters will fend off most hackers. On the other hand, team members will likely lose productivity, resetting a difficult-to-remember login profile. Fortunately, a happy medium can be achieved without too much difficulty.

Passwords do not necessarily need to be obscure. They just need to be difficult for hackers to unveil. A password employing 8-10 characters can be hard to crack if done cleverly. For example, the too common “iloveyou” can be tweaked to “iLuv2Make$,” which could be a tough one. That’s largely because it uses untraditional “Luv” in place of the spelled-out word, employs uppercase letters, a symbol, and a number. All an employee has to do is remember the phrase “I Love To Make Money” as a trigger.

Repeated passwords also need to be addressed. Consider training those under your leadership to make variations on one primary password. In this case, it could include “uLuv2Make$2” or “iH82owe$.”

It’s also important to share the reason that complex passwords are necessary. Hackers have a toolkit at their disposal that typically includes brute-force and dictionary techniques. When brute-force attacks try to run every conceivable combination of letters and characters possible. This tends to be time-consuming, and digital thieves are likely to give up when faced with strong passwords. Dictionary attacks run common words at the profile. If your worker’s password is “sunshine,” consider your network breached.

How Can Business Leaders Implement a Plan B?

Practical business leaders learn that human error ranks among the top reason things go sideways. Cybercriminals send out thousands of scam emails, knowing someone will open one, download a malicious file, or respond with critical information. Someone will make a mistake. Given that your financial future can be one mistake away from ruin, organizations are using multi-factor authentication as a fallback defense.

Multi-factor authentication requires employees to receive and enter a secondary code before gaining access to the network. This may be sent to another device that hackers cannot access. In some instances, an email alert is sent that must be approved. Even if someone foolishly uses “password123,” a cybercriminal would still need to know the authentication code or approve login access to upend your network.

If you are concerned about password security, consider working with a managed IT professional to educate employees about password protection, and install multi-factor authentication just in case.

More Like This

Microsoft Teams and the Future of Video Calling

Microsoft Teams and the Future of Video Calling Microsoft Teams is a free cross-platform collaboration software that focuses on users, enabling great collaboration with teammates and customers across any device and empowering customers to work faster. Teams aims to propel traditional productivity experiences to the future, giving all kinds of teams a purpose and a …

Microsoft Teams and the Future of Video Calling Read More »

Read More

What Is PCI Compliance?

What Is PCI Compliance? You’re probably reading this because you looked up information on PCI compliance. This article explores how you can meet PCI requirements and secure your clients’ sensitive cardholder data. Today’s business world is highly regulated, and while this has its upsides, there is a great deal of pressure on businesses to stay …

What Is PCI Compliance? Read More »

Read More

AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data

Original release date: October 30, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau …

AA20-304A: Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data Read More »

Read More

AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector

Original release date: October 28, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of …

AA20-302A: Ransomware Activity Targeting the Healthcare and Public Health Sector Read More »

Read More

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky

Original release date: October 27, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of …

AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky Read More »

Read More

Getting Started With Microsoft Teams?

Getting Started With Microsoft Teams? What drives workplace performance? A few years ago, a Stanford study published in the Journal of Experimental Social Psychology suggested that workplace performance was driven by collaboration. In fact, just the thought of collaboration was enough to improve performance. One interesting statistic: 64% of employees working collaboratively had higher success rates than …

Getting Started With Microsoft Teams? Read More »

Read More