BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Does Your Workforce Create Strong Passwords?

Does Your Workforce Create Strong Passwords & Have a Plan B Cybersecurity Defense?

As the old saying goes, “a chain is only as strong as its weakest link.” Unfortunately, the new saying is that a business network is only as secure as its employees’ passwords.

Despite widespread knowledge that hackers exploit weak passwords to breach entire systems, trusted workers still use ones that are easy to guess at and repeat them across platforms. If that seems counterintuitive, business leaders may want to consider these statistics.

  • The two most commonly used passwords remain “iloveyou” and “sunshine.”
  • Approximately 23 million people use the password “123456.”
  • More than half of workforces use the same password for personal and business purposes.
  • Upwards of 57 percent of phishing email scam victims do not change their password.
  • One-third of people stop doing business with organizations responsible for compromising their credentials.

What seems stunningly illogical about rampant password protection failures stems from this statistic: Approximately 90 percent of internet users say they are worried about getting hacked due to a compromised password. Industry leaders may be left scratching their heads. But as a decision-maker responsible for ensuring the integrity of digital assets, something needs to be done. You can set company policy that educates team members about how to create and remember strong network passwords. If that doesn’t work, there’s always Plan B.

Strong Password

How To Educate Employees About Strong Passwords

Getting workers to create powerfully secure passwords may not be that difficult. Insisting on a series of unrelated letters, numbers, and characters will fend off most hackers. On the other hand, team members will likely lose productivity, resetting a difficult-to-remember login profile. Fortunately, a happy medium can be achieved without too much difficulty.

Passwords do not necessarily need to be obscure. They just need to be difficult for hackers to unveil. A password employing 8-10 characters can be hard to crack if done cleverly. For example, the too common “iloveyou” can be tweaked to “iLuv2Make$,” which could be a tough one. That’s largely because it uses untraditional “Luv” in place of the spelled-out word, employs uppercase letters, a symbol, and a number. All an employee has to do is remember the phrase “I Love To Make Money” as a trigger.

Repeated passwords also need to be addressed. Consider training those under your leadership to make variations on one primary password. In this case, it could include “uLuv2Make$2” or “iH82owe$.”

It’s also important to share the reason that complex passwords are necessary. Hackers have a toolkit at their disposal that typically includes brute-force and dictionary techniques. When brute-force attacks try to run every conceivable combination of letters and characters possible. This tends to be time-consuming, and digital thieves are likely to give up when faced with strong passwords. Dictionary attacks run common words at the profile. If your worker’s password is “sunshine,” consider your network breached.

How Can Business Leaders Implement a Plan B?

Practical business leaders learn that human error ranks among the top reason things go sideways. Cybercriminals send out thousands of scam emails, knowing someone will open one, download a malicious file, or respond with critical information. Someone will make a mistake. Given that your financial future can be one mistake away from ruin, organizations are using multi-factor authentication as a fallback defense.

Multi-factor authentication requires employees to receive and enter a secondary code before gaining access to the network. This may be sent to another device that hackers cannot access. In some instances, an email alert is sent that must be approved. Even if someone foolishly uses “password123,” a cybercriminal would still need to know the authentication code or approve login access to upend your network.

If you are concerned about password security, consider working with a managed IT professional to educate employees about password protection, and install multi-factor authentication just in case.

More Like This

Key Insights From Cybersecurity Trends and Stats for 2021

Key Insights From Cybersecurity Trends and Stats for 2021 Cybercrime is a hot topic that makes news headlines and attracts the corporate world and individuals’ attention. According to the Federal Bureau of Investigation (FBI), there was a 75 percent increase in breaches since the Covid-19 health crisis started through June 2020. On the other hand, Google reported …

Key Insights From Cybersecurity Trends and Stats for 2021 Read More »

Read More

AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders

Original release date: April 26, 2021 Summary The Federal Bureau of Investigation (FBI), Department of Homeland Security (DHS), and Cybersecurity and Infrastructure Security Agency (CISA) assess Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—will continue to seek intelligence from U.S. and foreign entities …

AA21-116A: Russian Foreign Intelligence Service (SVR) Cyber Operations: Trends and Best Practices for Network Defenders Read More »

Read More

Here Is Why Windows Virtual Desktop Is Better Than Traditional Virtualization Solutions

Here Is Why Windows Virtual Desktop Is Better Than Traditional Virtualization Solutions Windows Virtual Desktop (WVD) allows your business to leverage either a multi- or single-user Windows 7 or 10 experience. The service also incorporates Office 365 ProPlus. You can count on WVD to help centralize monitoring and management functions. On the other hand, your …

Here Is Why Windows Virtual Desktop Is Better Than Traditional Virtualization Solutions Read More »

Read More

AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021, …

AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities Read More »

Read More

AA-21-110A: Exploitation of Pulse Connect Secure Vulnerabilities

Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020 or earlier related vulnerabilities in certain Ivanti Pulse Connect Secure products. Since March 31, 2021, CISA …

AA-21-110A: Exploitation of Pulse Connect Secure Vulnerabilities Read More »

Read More

Transfer or Backup Google Authenticator in Few Easy Steps

Transfer or Backup Google Authenticator in Few Easy Steps Two-factor authentication (2FA) plays a critical role in mitigating cybersecurity risks posed by bad actors. This method bolsters access controls by requiring a two-step identity verification when signing into applications. Google Authenticator simplifies this process by enabling users to verify their identity using a smartphone. When …

Transfer or Backup Google Authenticator in Few Easy Steps Read More »

Read More