Passwords are like underwear – change them often, the longer, the better and keep them private.
Every business, no matter how big or small and every individual internet user has encountered the dreaded password dilemma. I know if I was allowed, I‘d have the same password for everything, but I also understand that wouldn’t be very ‘cyber smart.’ So, is there a way to safely store my passwords, strengthen my security and minimise an attack? There sure is!
Why do Hackers capture passwords?
Simple, by having the password the attacker has access, to everything.
Hackers know that as humans we are likely to reuse passwords across multiple accounts and because our memory struggles to retain different types of information, we tend to use short identification names, words linked to our life, such as a personal name abbreviation or street name. This is one of the reasons we often find it necessary to write passwords down on paper or worse, in a document saved on your computer.
Some of the methods used by hackers to secure your login credentials include:
Spoofing logins, a fake login page is used by the cyber-criminal to collect the password.
Sniffing attack, uses key logging software to capture your passwords. (Think Banking)
Brute force attack, where automated tools are used to establish your passwords.
Data breach of trusted website, hacking and stealing the database of a website you have entrusted with your confidential data.
Attackers recognise if they can crack one password, they are likely to crack the various derivations you’ve used elsewhere. That’s why companies handling large scale security recommended that a passwords should be longer than 14 characters, use upper- and lower-case characters, punctuation, and special characters like the # or $ sign. (Each additional symbol in a password exponentially increases the number of possible combinations.) Try remembering those passwords!
What to consider in a secure solution?
From a business’s viewpoint the various factors to consider are not that different to an individual, except for the consideration of an appropriate password policy and the use of 2 factor Authentication across applications.
A businesses password policy covers issues such as frequency of updating a password, rules around using and repeating passwords, requirements related to keeping passwords confidential i.e., no writing passwords down, length and makeup of passwords and the usage of a tool such as a password manager.
Based on a company’s policy an IT support team will implement a number of rules as part of the standard operating environment. Having automatic ‘change’ reminders generated and implementing rules within that process to ensure a previous password is not reused or ensuring devices used by employees have the password manger installed and activated.
Other factors to consider are:
Keylogging protection software
Which password manager
The application of common sense, e.g., never leave your computer unlocked if unattended
81% of data breaches are caused by compromised, weak and reused passwords.*
(*Verizon Data Breach Investigations Report.)
Computer Troubleshooters can help implement and manage a password policy whether you are a single user or a small to medium business. Our managed monthly plan is tailored to your budget and security needs.
What is a password manager?
A password manager is an application that stores your login credentials and passwords securely across all required applications. You no longer need to remember numerous login details. A dependable manager will have a secure vault, accessed only via a master password.
Password managers have a number of features, at Computer Troubleshooters we recommend that you use a tool that has encryption, stores your details in the cloud allowing access across multiple devices, uses a two-factor authentication process to login and one that will automatically fill the login fields and detect false login pages.
How can Computer Troubleshooters Assist?
Not sure if your business is password secure? Chat with your local Computer Troubleshooter, they will provide you with a recommendation and a plan of action that individually meets your needs.
Our Cybersecurity Solved (protection) plans are all based on an established fee, providing predictability to your IT budget cost while avoiding the impact of an IT security hack.