Updated Feb. 27, 2020
47% of small businesses have no understanding of how to protect themselves against cyber attacks.
If this is the case, start by reevaluating your passwords.
63% of confirmed data breaches leverage a weak, default, or stolen password. According to SplashData, the most commonly used passwords in 2019 were “123456,” “12345678,” and “qwerty.” Although, using the word “password” as a password moved from the top of the list to the fourth most commonly used, which shows slight progress. Now it may seem like common sense not to use those passwords, but clearly that isn’t the case because the usage is still so high.
If you think your password is safe because it isn’t that obvious, it may not be much better. If you use the same password over and over for multiple accounts, your password is at the same risk. If a hacker figures out your password for one account, they’ve got the keys to the kingdom. Remember, hackers do this for a living. While you are working 9:00 to 5:00 at your office job, they are working double that to scrape up data that will allow them to breach your system.
63% of confirmed data breaches leverage a weak, default, or stolen password. What can be done to prevent this?
Require Multiple Passwords for Different Areas
Though employees may complain and say that using the same one through all company networks saves them time, it also makes it easier for cybercriminals to crack a system once to access your entire network. Having different logins for different servers or security areas could limit access – even from your own staff.
Don’t Use Personal Details in Passwords
Some prefer easy passwords like a family pet, a maiden name, a neighborhood or a birthday. But these are easier to guess. Nothing is truly private anymore, making it easy for hackers to scrape personal data from social networking sites.
Create Time Limits
Managers can encourage employees to log out every time they get up or put down their phones. But a policy like this will rarely be 100% effective unless their desktop and mobile devices are programmed to automatically lock up after a short amount of time. They won’t just go to sleep, which is a common energy-saving task but also require a login to reactivate. This could cause some gripes, but better security can be worth a few extra seconds. A directive can also be offered to make sure passwords are not placed in obvious places, like on a sticky note on a monitor.
Discourage Auto-Logins
Some sites remember your passwords and other credentials by putting a ‘cookie’ into your system. This makes pages load faster and doesn’t require a login on every visit. However, this can create security concerns, especially for unauthorized access to a computer or device history.
Try a Password Manager
This type of software can help people customize their passwords, with random letters, numbers and characters. It also can create longer strings that are more difficult to guess (12 letters instead of the common 5 or 6). These can also have a shorter lifespan than a personal password that may never expire. A generated password may only last a day or a week until a new one is created and issued. This policy can also deter hacking efforts – if someone tries an older password, it may not work, or could even set off alerts for improper access.
Set Up Two-Factor Authentication (2FA)
Most platforms today have the option to set up 2FA on your account, which adds an extra layer of security beyond your password. Once your password is entered, the next step to log in is to enter a code that is sent to your phone or a one-time code generated by an app. That way, you can be proactive in a situation where you get a 2FA ping to your phone but weren’t trying to log in.
Integris is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (888) 330-8088 or send us an email at [email protected] for more information.
Want more from your IT provider? We know change is hard.
A conversation is a great place to start. Contact us to set up a call.
