Even with the advent of two-factor authentication, passwords are still one of the most crucial (and hackable) things that need to be taken seriously. To avoid obvious password mistakes that put your business at risk for a cyber attack, here are some best practices all of your employees should implement as part of your cyber security policy.
Don’t use personal information
It can be a pain to remember passwords with random characters or phrases, and ultra-tempting to make your password a mishmash of your dog’s name and your street address but don’t do it!
Your organization should have guidance in place for creating strong passwords. We recommend passwords that are at least 12 characters long. For example, let’s look at using your date of birth. While you may think that is a “random” string of numbers your co-workers can’t guess, social media now makes it easier than ever to access personal information, and depending on your security settings, your birth date may be just a few clicks away. Especially for passwords like your birthday, which can be brute forced and provide easy access for hackers.
Don’t use your password for multiple platforms
Don’t only change one character from one password to password and assume that’s an airtight way to protect your accounts. Urge employees to not use the same password for everything.
If a hacker were to brute force an employee’s password on one platform, if that employee used the same password everywhere, the hacker has access to several systems within your organisation. There are platforms like LastPass and Bitwarden that can be invaluable for your IT team and staff to safely manage multiple passwords.
Change your password regularly
We recommend having all employees change passwords between 6 months to 12 months to minimize the risk of a cyber attack. To ensure your system is definitely protected, 2 Factor Authentication is one of the better ways to protect against passwords being breached.
We focus only on Cyber Security, this is to make sure we are great at Cyber Security and partner with your IT Team/IT Provider (MSP) who provide general IT support service testing, prevention, and incident mitigation services. Contact us today.