For years, passwords have served as the frontline defense for any business’s cybersecurity strategy. This method, however, has become insufficient with time. The surge in our online presence, along with cybercriminals becoming more sophisticated and the prevalence of poor password habits, has highlighted the faults in this simple security measure. We explore these concerns surrounding the current state of password strategies below and how to best improve them this World Password Day.
The dangers of reusing passwords
Password reuse is a widespread practice that poses significant risks to cybersecurity. According to Google research, over 60% of Americans use the same password across multiple accounts, from social media platforms to online banking. The habit may seem convenient, but it creates a single point of failure: if a cybercriminal gains access to one account, they could potentially access all other accounts using the same password.
Therefore, individuals and businesses should implement strong, unique passwords for each of their accounts to minimize the risk of a breach.
Password sharing: A growing security risk
Many people share passwords via plaintext such as through email or messaging platforms, unaware that these then become vulnerable to third-party interception. These passwords can also end up in multiple locations, such as various email inboxes or online documents, increasing the likelihood of unauthorized access.
Given this, make sure to emphasize the importance of password confidentiality and discourage employees from sharing passwords, even within trusted circles. Your staff may not have malicious intent, but unsecure password sharing can still lead to unintended breaches. Educating them on these risks and providing secure alternatives, such as team-based access control and password management tools, can bolster your cybersecurity.
The prevalence of weak passwords
According to NordPass, most global users still use easily guessable passwords, with “123456,” “admin,” and “12345678” ranking as the top three most commonly used passwords. These weak passwords can be quickly cracked manually or using automated hacking tools and methods, leaving your accounts and sensitive information vulnerable.
When creating a strong password, longer means stronger. Aim for at least 12-character long combinations. Even better, consider using a passphrase, which is a string of at least four random words. This makes it long, therefore difficult to crack for cybercriminals, but still easy to remember for users.
The importance of password managers
Password managers can offer a secure and convenient way of storing and managing multiple unique passwords. This simply involves creating an account and setting up a master password for access. Users only need to remember this one code, which their account securely stores along with other login credentials from various profiles. These passwords are encrypted for protection and automatically filled in for websites and applications, eliminating the need to manually recall and input passwords each time you log in.
These tools have become commonplace among businesses, with only 38% of IT organizations not using a password manager. While they aren’t invulnerable to sophisticated hacking attempts, they still provide an extra layer of protection alongside other cybersecurity methods.
Strengthening security with multifactor authentication (MFA)
Passwords simply aren’t enough to keep your accounts safe from prying eyes. With MFA, users must provide two or more proofs of identity before gaining access to an account. Typically, this could involve a temporary code via text message or email or biometrics such as a fingerprint or facial scan. MFA significantly reduces the risk of hacking attempts, even if a password is compromised.
Many online platforms and services now offer MFA as an optional security feature to enhance one’s account security. Businesses are also increasingly adopting this method as part of their cybersecurity strategy, with nearly two-thirds of users and 90% of administrators now implementing MFA.
Looking to improve your password strategy? Our IT experts at SpectrumWise offer a wide range of proactive cybersecurity solutions to help further protect your data from cybercriminals. Schedule a consultation with us today.