Are you protecting your company with best practices for password security? Two recent high-profile security breaches raise concerns about the safety of online accounts and shed light on the importance of taking steps to better protect accounts from Internet criminals.
In the recent Yahoo hack, over 500 million accounts were compromised, and a recent Twitter attack may have led to 32 million accounts being breached. When you consider that 1 in 7 people use one password for all their accounts, this attack begins to expand beyond just the inboxes of Yahoo mail and potentially into the network security systems of your organization.
Teaching your employees proper password security is the first step in keeping your organization safe from password-savvy hackers, but proper password creation and security maintenance are becoming a top priority for IT safety professionals and civilians alike.
Password safety is a culture
While you can use automated processes to enforce password changes and updated safety measures for your employees, real change comes from instilling a sense of password safety hygiene within your organization. Step one for any password-protection update in your organization should be to educate your employees on the importance of strong passwords and data encryption, and to show them the importance of password security for all aspects of their internet-based lives.
If your employees fully understand how many passwords and accounts have been hacked, and understand the implications of a hacked password and what that can do to your organization and their own personal online profiles, they’re going to be more likely to keep up with their own password and data security maintenance in and out of the office.
To 16 characters, and beyond
Creating a good password is the next step. It’s common knowledge that more numbers and letters per password make it stronger, but in today’s world, 16 characters is a smart bet, and going beyond that is even better. The more unique characters and numbers you use in your passcode, the less likely it is to get hacked. This means mixing upper- and lowercase letters, and including numbers and symbols.
It goes without saying to stay away from the classic “password” or “password123” formats. Additionally, don’t include personal information that would be too easy to find on social media or otherwise. Because hackers have access to social media, personal terms such as a pet’s name, birth year, or the name of a school you attended could easily be found online and used if they serve as a password or security phrase.
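One way to turn the rules above into an automated check, shown as an added example that is not part of the original article. The blocklist, the look-alike substitution table and the function names are assumptions made for illustration, and the sample passwords are constructed.

```python
import re

MIN_LENGTH = 16  # minimum length recommended in the article
# Constructed sample blocklist; a real deployment would load a much larger one.
COMMON_BASES = ("password", "letmein", "qwerty", "welcome")
# Reverse common look-alike substitutions (0->o, 3->e, @->a, ...) before matching.
LOOKALIKES = str.maketrans("0134578@$!", "oleastbasi")
CLASSES = {
    "lowercase letter": r"[a-z]",
    "uppercase letter": r"[A-Z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9]",
}

def letters_only(text):
    """Lowercase, undo look-alike substitutions, then drop non-letters."""
    return re.sub(r"[^a-z]", "", text.lower().translate(LOOKALIKES))

def check_password(password, personal_terms=()):
    """Return the list of rules the password breaks (empty list = acceptable)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"missing {name}")
    stripped = letters_only(password)
    for base in COMMON_BASES:
        if base in stripped:
            problems.append(f"built on common password '{base}'")
    # Personal terms: match as typed, and (for words) in disguised spellings.
    for term in personal_terms:
        plain = term.lower() in password.lower()
        disguised = term.isalpha() and term.lower() in stripped
        if plain or disguised:
            problems.append(f"contains personal term '{term}'")
    return problems

if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for candidate in ("password123", "P@ssw0rd!P@ssw0rd", "Tq7#vLm2$Rz9!kXw"):
        print(candidate, "->", check_password(candidate) or "ok")
```

The second sample is 17 characters long and mixes all four character types, yet it is still rejected because it is only a disguised spelling of “password”.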
Mix and match
One of the top mistakes employees make when it comes to network security is the use of one password for all applications. Granted, having one seemingly good password with a mix of numbers and letters can seem like a strong choice across multiple uses, but the truth is, once one hacker finds that password through a hack of a single, insecure source, everything that employee uses is now open season.
Teaching employees to have different passwords for their accounts – ranging from bank accounts, to work email, social media or personal email – is a smart step towards keeping information securely locked behind different password walls.
One-step, two-step verification
One of the easiest ways to boost password security is through a two-step verification process. This can be done in a handful of ways, but the easiest is usually a PIN or passcode verification along with your password entry. While a hacker may be able to figure out or uncover one password, the chances of them finding one password AND a completely unaffiliated PIN are pretty slim. It goes without saying, of course, that the PIN chosen cannot be the same as any numbers in the password, and should be unique to that code.
There is more to learn to be safe
Password security has grown to become one of the top online security factors in recent years. Most people get hacked not because they want to, but because they were unsure of the proper security steps to take in preventing a hack in the first place. Most organizations and employees are more focused on the important tasks they need to get done for business than on proper IT security, which is a hacker’s dream.
Reach out to a managed IT provider like NENS to be your password and IT security partner so you can focus your time on the tasks that matter to your business.