With security threats on the rises due to COVID-19, weak passwords are a significant vulnerabilities for businesses of all sizes. The security team at CompuVision has built the following resource to help employers and employees with keeping their network and assets secure.
Weak passwords are one of the most significant vulnerabilities for businesses of all sizes. While you can pour money into upgrading antivirus software and the latest cyber security, if your employees are using weak passwords there is always going to be an open back door into your system.
In theory, we are all well aware that our passwords need to be stronger. But despite this, passwords like ‘password123’ or ‘123456’ are disturbingly common. There are plenty of things we can do to make our password protection more secure, like avoiding using family or pet names, not reusing passwords and not saving your passwords on your browser. But these solutions don’t always cut it, and staff tend to do without good password hygiene more often than not.
Part of the reason for this is that we are all human, and remembering a variety of different, complex passwords is hard. It is also, if we are honest, annoying to have to change your password every couple of weeks, just when you had got to grips with all those symbols and capital letters.
Luckily, there are a few easy and simple techniques to help you manage your passwords which allow you to keep your system secure without having to worry about multiple hard-to-remember passwords and getting locked out of your account!
Evaluate the security of all your passwords
There are several great resources for discovering how secure your current passwords really are. Just be prepared for a shock! Our favourite tools are haveibeenpwnd and howsecureismypassword.
Use a password manager
This is the best, most secure and most convenient method of managing many different passwords over multiple sites. A password manager stores all the login information you use for all the websites you visit, and encrypts this password database with one master password, the only one you have to remember. Good password managers like LastPass, and 1Password will generate strong, secure passwords for your various logins, and change them on a regular basis.
A lot of users on Apple use Keychain on their devices. Keychain has the benefit of coming directly from Apple and is deeply integrated into macOS and iOS. Protected by 256-bit AES encryption to store and transmit passwords and credit card information, it also uses elliptic curve asymmetric cryptography and key wrapping – a method of security that ensures all data synced between devices is kept safe.
When it comes to security iCloud Keychain is a robust service, but password managers such as 1Password or LastPass, on the other hand, provide a much wider reach.
Use two-factor authentication
Two-factor authentication requires two different methods to confirm your identity before you can access an app or website. So even if you enter your password correctly, you will still need to input a code sent to your phone or email to be able to log in successfully. This means that even if your password is hacked, you can still be secure (as long as you haven’t lost your phone as well!)
Password protect all your devices
While work computers and business accounts all require passwords, if all your devices are not secure then you might have a weak link. People often save passwords on their phones, and apps sometimes don’t require security to log in after the first time, so ensure that every device you have is password protected.
Use artificial intelligence
Many companies have moved towards using AI to increase their password security. Things like biometrics – facial recognition or fingerprint access – can be a great way to beef up security and avoid the complications of weak passwords all together.
Strong password security is essential to ensuring your organization is properly protected. Take a look at our suggestions above, and make sure everyone in your company is doing their bit to keep you safe and secure from cyber attacks.
For more information
Additional information on password management and cybersecurity can be found at https://compuvision.biz.