We’ve had years to get it right, but lots of us are still getting it wrong as far as passwords are concerned. World Password Day on Thursday, 6th May intends to highlight why and what we can do about it…
Using pets’ names, the same password for multiple accounts or weak passwords made up of personal information are some of the most common sins, but really… how can 23.2 million people across the UK still be using “123456” as the password to their devices?
That kind of password behaviour isn’t restricted to personal devices though. Many people use the same passwords across their own technology and the work devices and systems they use – opening up the gate to more widespread risks in both areas.
Why secure passwords are important
A favourite method that cybercriminals use to hack into business networks is to blast their chosen target with login attempts using lists of the most commonly used passwords. And yes, you guessed it, ‘123456’ and ‘password’ still get them plenty of results.
Protect your personal and work accounts by thinking of passwords not as an inconvenience, but as a useful tool that can save you from the hassle, and the risks, of your company being hacked or your personal information being stolen.
Some good tips for password etiquette are:
- Strengthen. Create a code that’s hard to crack by using strong passwords with numbers, upper and lower case letters and special characters. The latest advice includes using short nonsensical phrases that you’ll remember but that can’t be guessed.
- Change. Do this regularly and, if you’ve been notified that your data has been compromised in a major breach, make it a priority to change your password as soon as you can to protect yourself, your data and your identity.
- Keep things separate. Don’t recycle passwords, either at home or at work, and certainly do not use a particular password in both locations.
2FA and MFA
If you do online banking, for example, you’ll probably have noticed over the last couple of years that your bank has started texting you a code to enter online so you can prove that it’s you who is attempting to log in to your account. This is called two-factor authentication (2FA) and it’s a good thing! This extra login requirement adds a layer of security on top of the usual username and password to make your account harder for cybercriminals to break into.
Other businesses have also been moving towards requiring this type of security measure, especially with many more employees working remotely over the last year. Some have even introduced multi-factor authentication, adding yet another layer of security that can’t be faked (on top of username/password and numeric code) in the form of biometric information, i.e. a user’s fingerprint, retina scan or voice.
How to tackle poor password practices in the workplace
A key part of tackling the problem of inadequate password practices in the workplace begins with staff training and awareness. If staff aren’t informed of the reasons why using ‘password1’ is a bad idea, then they’ll carry on using it. So equipping them with information and highlighting the dangers of reused or weak passwords is really important.
By consistently enforcing password policies across your organisation, as well as eliminating obstacles to secure password use (e.g. by enabling staff to change passwords without needing to contact the IT team), companies should begin to see better and more secure passwords being used. And that can only be a good thing for your company’s cybersecurity!
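One way an IT team might enforce the tips above at the moment a password is set, as an added example that is not part of the original article. The function names, the length thresholds and the denylist entries beyond the three passwords the article mentions are assumptions.

```python
import hashlib
import hmac
import re

# Constructed sample denylist; the first three entries are the passwords the article names.
# A real deployment would load a much larger list of commonly used passwords.
COMMON_PASSWORDS = {"123456", "password", "password1", "qwerty", "letmein"}

def _digest(password, salt):
    # Salted PBKDF2, so earlier passwords can be compared without storing them in clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def check_password(candidate, personal_terms=(), previous=()):
    """Return a list of policy violations; an empty list means the password is accepted.

    personal_terms: strings such as a username or pet's name (hypothetical inputs).
    previous: (salt, digest) pairs for the user's earlier passwords, at home or at work.
    """
    problems = []
    lowered = candidate.lower()
    # "Why secure passwords are important": block what guessing lists try first.
    if lowered in COMMON_PASSWORDS:
        problems.append("commonly used password")
    # Pets' names and other personal information are easy to guess.
    if any(len(t) >= 3 and t.lower() in lowered for t in personal_terms):
        problems.append("contains personal information")
    # "Strengthen": accept either all four character types or a multi-word phrase.
    # The thresholds (10 characters; 3 words and 16 characters) are assumptions.
    classes = sum(bool(re.search(p, candidate))
                  for p in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    words = [w for w in re.split(r"[\s\-_.]+", candidate) if w]
    is_phrase = len(words) >= 3 and len(candidate) >= 16
    is_complex = classes == 4 and len(candidate) >= 10
    if not (is_phrase or is_complex):
        problems.append("too weak: use a longer phrase or mix all character types")
    # "Keep things separate": refuse a password the user has already used elsewhere.
    for salt, digest in previous:
        if hmac.compare_digest(_digest(candidate, salt), digest):
            problems.append("reuses an earlier password")
            break
    return problems

if __name__ == "__main__":
    for pw in ("123456", "Password1", "purple kettle sings loudly"):
        print(repr(pw), "->", check_password(pw) or "accepted")
```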
World Password Day: https://www.daysoftheyear.com/days/password-day/