Vital Password Management Habits That Your Team Needs to Be Using
Some of your company’s most valuable assets are protected only by your least secure employee password. Credential theft is at an all-time high as attackers exploit bad password habits that allow them easy access to cloud storage platforms, servers, CRM accounts, and other assets.
Microsoft’s cloud services alone see over 300 million fraudulent sign-in attempts every day, and 81% of all data breaches are due to compromised passwords.
Having managed IT services are an excellent way to protect your network and keep devices monitored for any threats, however when it comes to passwords, companies need to take additional precautions to keep an attacker from posing as a legitimate user.
These include both discouraging bad password habits and employing tools that improve password management and credential security.
Password Management Bad Habits
Do you use the same password for multiple online accounts? Do you or your employees keep company passwords in a spreadsheet?
These are two typical password bad habits, and if you have them, you need to STOP DOING THAT NOW!!!
Which bad habits are putting your business accounts at risk?
Using Excel or Contacts to Store Passwords
Excel is not designed for storing passwords and neither is your Contacts application. Neither have the proper encryption needed to protect sensitive information from being accessed.
When a cybercriminal manages to breach a computer, they are looking for password spreadsheets and can use them to extract more valuable information from you.
Using your Contacts is also a bad way to store passwords. Think of all the apps (WhatsApp, Twitter, etc.) that ask for access to your contacts.
54% of users reuse passwords across work and personal accounts. This means all an attacker has to do is breach one account, and they can get into multiple others. Think of all those big data breaches at companies like Target or CafePress, it’s usernames and passwords that attackers are often after so they can exploit them in other accounts.
Using Weak Passwords
The sheer number of passwords that people have to manage on a daily basis (about 70-80 passwords each), often make it impossible for users to remember strong passwords for everything.
So, they end up using weak password that are easy for attackers to guess without much trouble.
Tips for Good Password Management (Habits & Tools)
Good password management ensures that logins stay secure and users are freed from having to reset forgotten passwords all the time.
With a majority of data breaches being caused by compromised passwords, adopting these tips can significantly reduce your risk of a data breach.
Train Users on Good Personal Password Habits
Employees may not even realize how much they’re leaving their accounts at risk, because certain behaviors (like sharing passwords) become second nature.
Call out password bad habits and encourage users to adopt better personal habits for password security, including:
- Never sharing their passwords with colleagues or vendors
- Not writing passwords down on sticky notes on or near their computer
- Not reusing passwords between accounts
- Not storing passwords in plain text formats (Excel, Word doc, Contacts)
- Always using passwords at least 10+ characters in length
- Always including at least one number or symbol in their password
Use Multi-Factor Authentication (MFA) With All Accounts
Adding a secondary authentication factor to get into an account stops 99.9% of fraudulent account hacks.
That one step of inputting a PIN that is sent to a user device greatly improves data security and can keep attackers out even if they’ve managed to get their hands on a user password.
Password managers solve the problem with having so many passwords that no one could possibly remember a difficult, unique password for all of them. They store passwords in a vault and users only need to remember one unique password to get into it.
Password managers also suggest strong passwords, solving the weak password issue. They can be used through an app on any device or in a browser plugin and will fill logins in automatically.
There are several personal use options for password managers that are either free or low cost. Here are a few you can check out:
For business use scenarios, you should consider a business password manager. They give you advantages that don’t come with a personal password manager, such as:
- Ability to add multiple users
- Audit trails showing which employees have accessed company passwords
- Help with more efficient / secure employee offboarding
- Keep you from getting locked out of an account when an employee leaves
Here are several business password managers to consider:
How Strong is Your Weakest Password?
Skyline Business Technology can ensure your Wabash area business has a strong password management strategy in place and help you seal any potential weaknesses in your IT security.
Contact us today to schedule a consultation. Call 260-225-3133 or reach us online.