Why You Should Never Share Passwords with Coworkers or Leave Them Easily Accessible
/Passwords have become a new “Holy Grail” for hackers and large criminal groups of all types. With much of the workload and data for companies moved to the cloud, getting in via a brute force attack is not easy.
Cloud service providers like Microsoft, Amazon, and Google spend millions each year on security and they have stringent defenses for their data centers and networks.
But if an attacker has the email address and password for a legitimate user of the cloud account, they can get right in. Depending on the privilege level of the account they breached, they can do things like:
Steal sensitive data
Access email
Add and remove users
Infect cloud storage with ransomware
Send phishing email from your email address
Access payment card details
And more
Breach of user credentials has become the number one cause of data breaches globally.
It’s important to have a comprehensive cybersecurity plan with several layers of protection. One of the critical layers is password security. All it takes is one unprotected password to cause a major breach that costs hundreds of thousands of dollars.
Breaches cost both companies and individuals because passwords are often shared across personal and work accounts.
Poor Password Habits Can Lead to Big Problems
Acting against how important it is to keep passwords secure is the fact that many users have bad password habits.
A SurveyMonkey survey found that:
34% of people share their passwords with coworkers
22% of people admit to using the same passwords for work and personal accounts
Only 12% of people use a password manager to securely store their passwords.
Unsecure storage methods used for passwords can increase the risk of having your passwords stolen. People have so many passwords to remember that they often resort to these types of methods.
Do any of these look familiar to you?
Using your phone’s contacts app to store passwords
Storing passwords in an Excel or Word document on your PC (not password protected)
Using sticky notes stuck to your computer to jot down passwords
Reasons You Should Not Share Passwords
We tend to trust certain people we work with and they may be good friends. So, you might not think twice about sharing a password with your friend at work. But sharing your password is like handing out a copy of your driver's license to share. It’s a huge security risk that can lead to major problems.
Here’s why.
You Have No Control Over the Password Security Once You Share It
While you may trust your friend and they might not mean to leave your password unsecured, mistakes happen. Bottom line is that you have no control over the security of your password once you give it to someone else.
Methods of Sharing Are Often Non-Secure
How you share that password with another person might allow the password to be intercepted. For example, if you send your coworker the password in a non-encrypted email, it can easily be seen by anyone trying to infiltrate your network.
Sharing a password on a piece of paper can also lead to a security problem. Imagine if that paper is thrown away, and then retrieved by someone wanting to harm the company, such as a disgruntled employee.
You Are Ultimately Responsible for Your Password
When a data breach happens, IT experts will look at system logs to find out the source of the breach. If your account is connected to a breach or unwelcome activity in the system, you will be blamed.
If you share your password, then whoever has it can log in as you. The system reads you as the user and all activity tracked is associated with your user login. You could be blamed for something you didn’t do, such as downloading confidential information.
Reasons You Should Not Leave Passwords Easily Accessible
It’s Easy to Search for Documents Called “Password”
If someone has a document on their PC where they keep passwords, there is a good chance that the word “password” is either in the title or the body of the document.
All anyone with access to the computer, either physically or through malware, would need to do to find that file is to search “password” in the file search. Without any protection, that entire list of passwords could easily be stolen.
There Are Better Ways to Secure Passwords That Are Convenient
You don’t need to store passwords on sticky notes or in a contact application, there is a much better way that is just as convenient.
One of the best ways to store passwords securely is using a password manager. This type of app encrypts passwords so they can’t be read, even if someone accessed your computer without your knowledge.
It’s easy to use on a PC or mobile device, and you only need to remember one strong password to access all your others. Password managers can even auto-fill your passwords into login forms and can suggest strong passwords for your accounts.
Improve Your Password Security With Help from BrainStomp
BrainStomp can help your business put password security solutions in place that reduce risk and fortify the security of your cloud accounts and data.
Schedule a free consultation today! Call 260-918-3548 or reach out online.