Can you spot what’s wrong with this photo?
At first glance you might be thinking nothing… It’s just your regular bunch of smart, insightful, technically astute – oh, and humble – IT champions posing for a social media photo. Right?
Nothing wrong. Apart from some bad fashion choices perhaps.
That is, unless you look a little closer.
Be honest, how many passwords do you – or your team – have pinned up around the office? Maybe on a sticky note? Or a whiteboard just like this example.
Regardless of how complex your password is, storing a copy in plain sight for all to see – and take advantage of – is never a good idea. And if you think your easy keyboard combination will prevent our malicious counterparts from accessing your private data, you might want to reconsider.
Common Passwords are as easy to hack as 123. Literally.
After evaluating more than 5 million passwords that were leaked on the internet, SplashData revealed that a lot of people (think millions) continue to use weak – and oh so guessable – passwords to protect their personal and business information. Here’s a list of the top 25. Oh, and if your password’s on this list, please change it. Immediately.
Stop malicious IT Geeks from walking into your accounts – and your business – like they own the place.
You could be forgiven for thinking that throwing in a handful of numbers or the odd capital letter into your password will make it all the more formidable. But with password hacking on the rise, even mildly complex passwords aren’t enough. And here’s why.
Data breaches happen – more than you think. And when they do, passwords get leaked. Which makes it easy for deviant IT geeks to try techniques like credential stuffing and brute force attacks to breach your accounts.
Think of a brute force attack as the cyber equivalent of trying every key on your keyring until you find one that works.
“But it would take a lifetime to enter every password and every possible combination, right?”
And you’re right, it would. Unless you have a computer that does it for you – at lightning speed. And they do.
In fact, we do too. And if you’d like to see how strong your team members’ passwords are, just get in touch and we’ll show you how well protected your critical business data is when your passwords are under attack.
So, what’s the answer? And how do you create a strong password?
It should be no great surprise for you to hear that you’re best using long, complex and unique passwords for every single account you have.
Which, I admit, can sound daunting and “way too hard to put into practice or know where to start”. So, to help you get started I’ve put together a list of helpful password tips, so you can help prevent malicious IT geeks from walking into your accounts – and your business – like they own the place.
7 Password Tips
1. Check if you have been compromised
Discovering if your account has been compromised in a data breach is a good place to start. And it’s easy to do. Just visit https://haveibeenpwned.com and enter your email addresses. The website will scan a database of leaked data and let you know whether your account has been compromised. If it has, it will also show you what account was breached and when.
2. Password length
It’s a simple rule of thumb, but the more characters you add, the longer it takes a brute force attack to crack. Aim for a minimum of 10 characters that include a mixture of numbers, symbols, uppercase and lowercase letters.
3. Add nonsense
If your passwords don’t exist in the dictionary and aren’t grammatically sound, then they become a lot harder to crack. Especially if they don’t make sense. Try to make up a silly story, sentence or phrase. Not only is it more secure, it’s easier to remember too.
4. Avoid the obvious
Personal information is a no-no. So is your pet’s information. Oh, and the same goes for your favourite book, movie, actor, weather season, etc. It isn’t hard to scan a social media account to retrieve this information, so please don’t use it to protect your data.
5. Don’t store it on a sticky note
Oh, and notepads in your desk drawer aren’t cool either.
6. Don’t use the same password. Please.
Despite its convenience, using the same password for all – or some of your accounts – is risky business. Once your account is compromised, hackers will attempt to stuff your credentials into several other online platforms in the hope that you are using the same password. And it happens. A lot.
7. All too hard? Then let a password manager do it for you
A password manager takes the effort out of handling your password security. In short, it is a software application that automatically generates, encrypts and remembers unique passwords for you, so you don’t have to.
Setting them up for your team is quick and using them is easy. Just have a chat with your IT Manager and they’ll be able to run you through the options.
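To see tips 2, 4 and 6 applied as an actual check, here is an added example (not part of the original post) that audits a set of passwords for length, character mix, personal information and reuse, and estimates the brute-force search space. The account names, passwords, personal terms and the short common-password list are constructed for illustration.

```python
import math
import string
from collections import Counter

MIN_LENGTH = 10  # minimum length from tip 2
CLASSES = {"lowercase": string.ascii_lowercase, "uppercase": string.ascii_uppercase,
           "digit": string.digits, "symbol": string.punctuation}
# Constructed stand-in for a leaked-password list (not SplashData's data).
COMMON = {"123456", "password", "qwerty"}

def search_space_bits(password):
    """Upper bound on brute-force effort in bits: length * log2(alphabet size).
    Only holds for random characters; dictionary words are far weaker."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def audit(accounts, personal_terms):
    """Return {account: [findings]} for a dict of account -> password."""
    reuse = Counter(accounts.values())
    report = {}
    for account, pw in accounts.items():
        findings = []
        if len(pw) < MIN_LENGTH:
            findings.append("shorter than %d characters" % MIN_LENGTH)
        missing = [name for name, chars in CLASSES.items()
                   if not any(c in chars for c in pw)]
        if missing:
            findings.append("no " + "/".join(missing))
        if pw.lower() in COMMON:
            findings.append("on common-password list")
        if any(term.lower() in pw.lower() for term in personal_terms):
            findings.append("contains personal information")
        if reuse[pw] > 1:
            findings.append("reused on %d accounts" % reuse[pw])
        report[account] = findings
    return report

# Constructed sample data: hypothetical accounts, passwords and a pet's name.
SAMPLE = {"email": "Rex2019!", "bank": "Rex2019!", "crm": "123456",
          "vpn": "Purple-Giraffe-Eats-42-Tacos"}

if __name__ == "__main__":
    for account, findings in audit(SAMPLE, ["rex"]).items():
        bits = search_space_bits(SAMPLE[account])
        print(f"{account}: ~{bits:.0f} bits; {'; '.join(findings) or 'ok'}")
```

The bit figure grows linearly with length, which is why each extra character multiplies the work of an exhaustive search.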
Your business is only as strong as your weakest password
Given the number of applications you and your team members use day to day, it’s easy to understand why you might opt for a simple password to secure your accounts.
Using the current weather season, your cat’s name, or – better yet – pinning your password to your wall, is so much easier, right?
And it is. For a malicious IT geek to hack. So please don’t.
Staying on top of your password security means you’ll help to prevent your data falling into the wrong hands. And it starts with getting everyone in your team on board.