Answers to the Most Common Questions About Password Security
/Passwords have become ingrained into our daily lives. We use them for getting into our personal bank account or social media as well as for multiple work applications each day.
The average email address is associated with approximately 130 different online logins, so it’s no wonder that most people feel like they have password overload.
Login credentials are one of the hot commodities on the cyber black market, because they can get criminals into all types of different accounts and allow them to breach a company’s network. Passwords are generally more valuable that just the benefit that can be gained from one account breach, because people typically use the same password for multiple logins.
But as annoying as it is to have to juggle multiple passwords, they’re often the only barrier that’s keeping a network or device from being breached. No matter how good your managed IT security is, if a hacker has a user’s password, they can bypass security and gain access to plant malware or spyware and steal all types of sensitive data.
It can be a constant battle to convey the importance of password security to employees and have them understand the significance of why a particular policy is put into place that might make it slightly harder for them to use their applications. We’ll try to make it a bit easier by providing answers to several common questions asked about password security.
Understanding the Importance of Credential Security
According to“The 2019 State of Password and Authentication Security Behaviors Report,”51% of survey respondents had experienced a phishing attack, but 57% of them said it did not have any impact on how they managed their passwords.
Passwords seem to be one of those things that everyone knows they need to secure, but unfortunately many people just don’t and fall into the same bad habits of:
· Using weak passwords
· Sharing passwords with colleagues
· Reusing the same password for multiple accounts
· Not changing passwords regularly
Here are answers to common password security questions that can hopefully illuminate the importance of putting good password management at the top of your data security checklist.
Why does my password have to be so complicated?
The weaker a password is, the easier it is to hack. Cybercriminals have a list of the most common passwords (12345, qwerty, password123, etc.), and too often that’s all they need to break into a corporate network.
Passwords that are too short (less than about 7 characters) and use all lowercase letters, make it easy for a hacker to breach either by guessing or using a software designed to crack a login.
Complicated passwords that are long, use a combination of symbols, numbers, and upper and lowercase letters are much more difficult for a hacker to get past.
Why do I have to change my password so much?
If you keep using the same password for years without changing it, that makes it much more susceptible to being breached. And even if you use a strong password, with data breaches happening more often at large corporations like Target and Marriott, your credentials can easily get exposed, and generally these breaches aren’t found out until months after the fact.
Changing your password regularly can help keep it more secure, especially in the event it’s been exposed in a data breach of a vendor you use. The use of a password manager can help with remembering passwords when they’re changed regularly.
Why is wrong to share my password with a colleague?
You’re on the road and need to access something at the office, you call in and give a coworker your password so they can access the file you need. What’s so wrong with that? Well, anytime you share your password with someone else, you lose control over its security.
Even if it’s a trusted friend, they could accidentally leave your password written down on a sticky note on the desk or share it with someone else. Whatever happens on your login is your responsibility, even if it wasn’t you that logged in, so it’s best to never share your password.
How much does multi-factor authentication (MFA) really help?
You may be wondering if you should use multi-factor authentication (also known as two-factor authentication) or if it’s going to be more hassle than it’s worth. It turns out that MFA significantly increases the security of your logins.
According to a study by Google, enabling MFA prevented 100% of automated bot attacks that use stolen password lists and 96% of phishing attacks trying to steal passwords. So, using MFA on all your logins is definitely worth the few extra seconds it takes to enter a code sent to you via text message as a second factor of authentication.
How am I supposed to remember a bunch of unique, difficult passwords?
If someone had even 20 different logins (most people use many more than that between home and work) and each of those used what’s considered a strong password and each one used a completely different password, it would be impossible for the average person to remember them all. And especially so if they changed regularly.
The answer is to use a password management application. Not only does it reduce the passwords you have to remember to one, it also can suggest strong passwords when setting up logins and will keep your passwords stored securely in a password vault.
Get a Handle on Your Company’s Password Security
For many companies, their password security is the weakest link in their cybersecurity strategy. Working with BrainStomp, you can put policies into place that will be easy for you and your employees to adopt and keep your data safe.
Schedule a free consultation today! Just call us at 260-918-3548 or reach out online.