Doing business in rapidly changing environments requires organizations to adjust their existing security protocols constantly. They must be agile and adept at securing passwords and other user credentials to avoid data breaches and massive losses. Here’s how business leaders and owners can bolster their organizations’ password security and instill a cybersecurity culture in their ranks.
Avoid Using Common or Popular Passwords
By now, hackers have a complete list of common passwords to try and shimmy their way past secure checkpoints. They don’t have to use sophisticated tools to decipher long strings of numbers and letters or spend hours trying different combinations. All they need is a few attempts to guess the correct password, and they’re in.
Many users make it easy for bad actors to hack into their accounts by using popular passwords. Around 5 million people use these passwords to protect their accounts and sensitive information:
- 123456
- password
- 123456789
- 111111
- guest
- qwerty
- qwerty123
- 1234567890
Criminals nowadays are just waiting around the corner for an unsuspecting employee to slip up. Stolen credentials account for 80% of password hacking incidents worldwide. Companies can avoid becoming part of that statistic by taking a proactive stance on password security. Business owners and managers should remind employees and team members to avoid using easily guessed passwords in their accounts.
Create Longer, Stronger Passwords
The Federal Trade Commission (FTC) implores people and businesses to use strong passwords to help protect their accounts and data. It recommends the use of at least 12 characters for a more secure password. The FTC also encourages mixing uppercase and lowercase letters and using numbers and symbols to make password-breaking difficult for bad actors.
While it may be challenging to memorize a unique string of random letters, numbers and symbols for every account, employees can use passphrases to make their passwords memorable. Companies big and small can benefit from employing these best practices in password creation.
Update Passwords Regularly
Changing passwords can be a hassle, but it’s an effective way to prevent hackers from gaining access to accounts and systems. Only 34% of users change their passwords every month, and 44% of internet users don’t change their passwords at all.
Repeatedly using old passwords can spell disaster for businesses. Bad actors may reuse old, compromised passwords to break into security systems if employees are not careful. Changing passwords can significantly reduce risks by making hackers work double time to decipher user credentials.
Avoid Using Duplicate Passwords
Using duplicate passwords for multiple accounts might seem reasonable to the ordinary user, but it poses significant risks to any organization. Hackers will always try to find the path of least resistance. Once they get access to a password, they’ll try to open as many systems as they can with the same credentials.
With over 60% of Americans using the same password for multiple accounts across different systems, duplicate passwords remain a relevant security risk in many modern business environments. Using unique passwords will help prevent bad actors from gaining easy access to more areas than necessary during an attack.
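The rules from the sections above (no common passwords, at least 12 characters with mixed character types, no duplicates across accounts) can be checked mechanically. The sketch below is an added example, not code from the original article; the account names, sample passwords and function names are hypothetical, and duplicates are detected by comparing per-run keyed digests so the audit never holds passwords side by side.

```python
import hashlib
import hmac
import secrets
import string
from collections import defaultdict

# The common passwords listed on this page.
COMMON = {"123456", "password", "123456789", "111111",
          "guest", "qwerty", "qwerty123", "1234567890"}
MIN_LENGTH = 12  # the FTC minimum quoted on this page

def check_password(pw):
    """Return the rule violations for a single password."""
    problems = []
    if pw.strip().lower() in COMMON:  # "Qwerty123" is still qwerty123
        problems.append("common")
    if len(pw) < MIN_LENGTH:
        problems.append("short")
    has_all = (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
               and any(c.isdigit() for c in pw)
               and any(c in string.punctuation for c in pw))
    if not has_all:
        problems.append("low-variety")
    return problems

def audit(vault):
    """vault maps account -> password; returns {account: [violations]}."""
    key = secrets.token_bytes(32)  # per-run key: tags are useless afterwards
    tags = {acct: hmac.new(key, pw.encode(), hashlib.sha256).digest()
            for acct, pw in vault.items()}
    owners = defaultdict(list)
    for acct, tag in tags.items():
        owners[tag].append(acct)
    report = {}
    for acct, pw in vault.items():
        problems = check_password(pw)
        if len(owners[tags[acct]]) > 1:  # same password on another account
            problems.append("reused")
        if problems:
            report[acct] = problems
    return report

# Constructed sample data (hypothetical accounts, not real credentials).
SAMPLE_VAULT = {"email": "Qwerty123", "payroll": "Lantern-7-Orbit-Mango!",
                "crm": "Tr1cky-Pass", "wiki": "Tr1cky-Pass", "vpn": "guest"}

if __name__ == "__main__":
    for acct, problems in audit(SAMPLE_VAULT).items():
        print(f"{acct}: {', '.join(problems)}")
```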
Enable Two-Factor (2FA) or Multifactor Authentication (MFA)
For many companies and organizations, passwords are still the primary means of securing credentials and account information. However, many businesses are switching to newer, more robust security measures, like two-factor and multifactor authentication. Both 2FA and MFA require additional proof of identity beyond traditional passwords.
Aside from typing in their passwords, users must also input a one-time password via text or email to confirm their identity. Considering that 73% of passwords are duplicates, 2FA and MFA add another layer of security to user logins. They can block 99.9% of account compromise attacks. They’re a simple but effective way to prevent would-be attackers from progressing in their attempts.
Avoid Password Sharing
Password sharing is a big no-no for companies dealing with highly sensitive information. While it may work for individuals in their personal setups, password sharing poses serious security risks at an organizational level. This is especially true if user credentials are transmitted via unencrypted means like text, email or paper.
Managers and business owners should instill in their staff the importance of keeping passwords and other credentials strictly confidential. Hackers and other bad actors use brute force and dictionary attacks to break into secure systems and gain access to private data. Employees should understand that they are responsible for the security of their passwords at all times.
Use Password Managers and Generators
Companies have a lot more to lose when it comes to data breaches. An IBM report indicates that the global average cost of a data breach went up by 15% in 2023, amounting to USD 4.45 million. The hefty sum is exacerbated by the damage to the company’s reputation, which can be challenging to put a price on.
Managers and business owners should consider investing in password management software to ensure the safekeeping of their employees’ credentials. Password managers can store multiple passwords for different accounts and often have generation tools to help users create stronger, more robust passwords.
Prioritizing Password Security as a Business Practice
Companies of all sizes should take password security seriously. Secure passwords may sound trivial or mundane for ordinary users, but they hold significant weight in business environments. Team leaders, managers and business owners should see them as necessary investments for business continuity and longevity.