How Recycled Passwords Are Putting Your Company At Risk
There is not a week that goes past that we do not hear a new report about a security breach and the possibility of our data having been stolen from our favourite shopping website, holiday company, or the latest app we have signed up for.
And while these reports remain constant, it seems the public is unfazed by the impact their behaviours can have on their own accounts. Or even how your employees maybe affecting your attempts at remaining secure.
A recent survey found that only 55% of people will change their password if their account is hacked. This has been driven by a fear of forgetting passwords. Individuals are placing more emphasis on being able to get into accounts themselves, rather than worrying about keeping others out.
Complacency can cost, and the indifference being shown could cause a critical incident to not only your personal accounts but also your business accounts.
With that in mind, here are four password mistakes you are making, and how to fix them.
1) Thinking your passwords aren’t important enough
It is obvious that your banking and PayPal information is valuable to hackers, but you may think that your other data is not. Think again!
The past year has demonstrated this with breaches reported by Airbnb, Uber, and other apps and websites used frequently. The login details can be sold on the dark web as well.
A report by Verizon found that 81% of hacking-related breaches leverages either stolen or weak passwords. These passwords could be used to access other accounts and are considered a goldmine for hackers.
2) Reusing passwords, especially from personal to office accounts.
Your password maybe unique, lengthy and strong, you have memorized it and the website is telling you it is a strong choice. But using this password over and over again will weaken its effectiveness.
59% of individuals use the same password for all accounts, even though 91% of people know that this is a security risk, according to a recent survey.
The same password or even similar password across your accounts can open up even more information to a hacker. What is more, by taking your personal password over to your work accounts, puts even more information at risk of being hacked.
3) Not changing the default password
Sometimes when an account is set up on your behalf a generic password like “admin” or “password” is used. And while these may be easy to remember these are a hacker's go to, to gain access for your account. Making this a risk especially for employee logins, these can also be an issue for business hardware and software, like routers or collaboration software.
4)Two-factor authentication is not being utilised when available
Two-factor authentication is now offered on many websites, but many are not utilising it at all. Adding another step to your login when accessing your account gives you an extra line of security. Combining your password with another aspect like your phone or fingerprint will allow you to approve a new login attempt.
This added security gives you the opportunity to protect your account should your password be compromised. The hackers will not be able to gain access without your consent on your chosen device.
How to fix these issues:
While it may seem daunting to have to come up with a unique password for all your accounts, this will ensure that a breach on one account will not mean a breach of all your accounts. However unimportant the account may seem, treat each one uniquely and create a different password for each. By using unique, complexed passwords it will make the accounts secure while making it harder for hackers to guess or access other accounts.
Password generators can help you to create one-off passwords, and utilising a password manager can help you track these for each site and log in. And where possible, always enable two-factor authentication. This gives you an added line of defence should there be a breach of your information.
As the tools and technology that hackers are exploiting become more advanced, it is important for us to ensure that we are keeping our data as secure as possible. The information we give out on a daily basis is no longer considered trivial and by using a strong password as the first line of defence is important.
To discuss how we at Xenace can help you in with your businesses security measures, Please Get In Contact Today.