Improving your password security is a job that can never be done enough. However, not enough businesses do it.
Raising awareness about Cyber Security is one of our main tasks for 2019. We are looking to producing more and more content on how to improve your security so fewer businesses are put at risk.
So here is a quick and handy guide on some ways to improve your password security:
Allow users to securely store their passwords
One issue that businesses face is ‘password overload’ where employees become overwhelmed with remembering multiple passwords. Which leads to users continually resetting passwords, and inevitably making them weaker by probably using the same password for all accounts.
The solution? Help your employees generate highly secure and appropriate passwords using a password manager. We are big supporters of Passportal, but there are many valuable options out there.
Alternatively, we have produced solutions in the past using Office 365 to help store and manage passwords.
Make it long!
In conjunction with a password manager, it’s vitally important for login information to be refreshed throughout the year.
Password characters are usually the key to a password being easily guessed. Betterbuys developed an app to test your password security, and the results revealed that a longer password meant longer time for a hacker to crack it. Here’s what results they produced:
7 characters – 0.29 milliseconds to crack
8 characters – 5 hours to crack
9 characters – 5 days to crack
10 characters – 4 months to crack
11 characters – 1 decade to crack
12 characters – 2 centuries to crack
The proof is plain and simple, encourage your employees to generate longer passwords.
Refresh and replace
Another easy tip to implement is to get your business into the routine of regularly refreshing passwords after a set number of days. Typically, the standard is 90 days. But what does it achieve?
The method here isn’t to increase your password security by generating a stronger password (through more characters, alphanumeric combinations, and symbols) but instead is to make sure any data that could have been exposed, is made useless for a potential hacker.
As we’ve detailed before in our article about how passwords are cracked, some methods include using a large database of existing passwords. Therefore, if your password has been previously exposed, it won’t be able to access your account again.
Teach employees about syncing accounts
A potential hole in security can be the helpful nature of web browsers. Over the last 5 years, companies like Google and Microsoft, have encouraged signing into an account when browsing the web to help collect information and tailor their experience.
The downside of this is that web browsers always prompt the user to save the username and password logged into a familiar site. Meaning that if a hacker did get into a web browser account, they could potentially log into a lot of information.
Make sure employees don’t sync log in data to their signed in account. Instead, make sure the account syncing is protected and secure for only business use.
Remember to log off!
Surprisingly, this is not commonly communicated when it comes to PC use.
Turning off your PC has two main benefits. One is that it means less energy is being consumed and should mean your PC lasts longer in the long run. As it’s not using up hardware processes by routinely powering down.
The other is that your machine is kept much more secure. as if a criminal broke into an office with a preloaded memory stick – they could access your account.
A machine that has been turned off means that the username is removed, giving yourself an extra level of protection.
Evaluate how your employees currently store and protect their data and implement these steps.
Contact your IT service provider and see what else they can put in place for you. As a result, developing software to protect your passwords could be a bright idea.