Ask any cybersecurity expert, and they’ll tell you that passwords are not enough. Yet none of them will insist on getting rid of passwords altogether.
That’s because even though it’s relatively easy to hack one, a password is still an essential layer of protection. Because when it comes to crime, time is of the essence — the longer it takes for thieves to break in, the more likely they’ll be caught.
That’s a cybersecurity lesson Florida businesses should take to heart. The Sunshine State comes second only to California in the list of states with the largest losses due to reported cybercrime in 2019. You wouldn’t want your business to join the growing list of cybercrime victims. So do invest in firewalls, use multifactor authentication for your devices, and buy the right antivirus software. But don’t pass up on passwords.
And since your aim is to deter criminals, come up with passwords that are difficult to decipher even for brute force cracking software that’s capable of unscrambling 10-character passwords in seconds. What’s more, you need to manage your passwords properly. Make sure you’ve not fallen into some bad password habits that, sadly, are still quite common today.
Make sure you’ve not fallen into some bad password habits that, sadly, are still quite common today.
What are bad password habits?
But first, why focus on the bad and not the good? Well, good password habits are like flossing your teeth — everyone agrees they’re good for you, but many find it hard to do. Happily, avoiding bad password habits is easier to remember and implement.
Here are five of the most common bad habits and how to fix them. Just use this mnemonic device: “SPEL Bee: Same, Personal, Email, Liberal, Browser.”
#1 Same: Don’t use the same password in all your online platforms.
Sadly, this is one of the most persistent mistakes people make. It puts all your platforms at risk. Once a hacker figures out your password, they can access all your platforms. Remember: if it makes your life easier to have the same password, then it’s easier for hackers to access all your stuff, too.
How to fix this? Don’t use those free random password generators you see online. Instead, use a trusted password manager software that will help you generate strong, unique passwords and manage them.
#2 Personal: Don’t use your personal information.
It’s understandable why you’d want to set your spouse's name, the name of your street, or your birthday as your password — they’re easy to remember. However, this also makes it easier for hackers to guess your password, especially if you’ve posted such information on your social media accounts.
How to fix this? A requirement for a strong password is its length; it should have at least 16 characters. Instead of using your personal information, create a passphrase that consists of several words strung together to form a phrase or a sentence. To make it memorable, use a quote from your favorite movie, book, or poem. To make it complex, replace certain words with numbers or symbols, and use capital and lowercase letters. Some examples:
#3 Email: Don’t share a password through email.
Email is not the most secure means of communication online. Often it’s unencrypted, easily intercepted, and stored in several servers, so it’s not easy to delete. A hacker won’t have a hard time getting a hold of your password if it’s shared via email. The only time passwords are sent through email is if they’re temporary ones.
How to fix this? Should you need to share a password, do it offline so you can easily destroy the slip of paper containing it. And should you need to reset your password, be on the lookout for the temporary password in your inbox. As soon as you receive the email, change your password immediately.
#4 Liberal: Don’t be liberal in sharing your passwords.
Office passwords are on a need-to-know basis. So make sure you don’t just share them with anyone, not even with someone who’s in the same company but works in a different team or department. All it takes is for a careless employee to slip up or a resentful staff member intending to harm the company, and you’ll have a breach on your hands.
How to fix this? Limit employee access to particular company platforms. Change passwords regularly. And should a staff member resign, make sure to remove their access credentials as soon as possible.
#5 Browser: Don’t save your password in your browser.
It’s convenient to use a browser’s autofill function — you won’t need to memorize all those long and complex passwords. But should your laptop fall into the wrong hands, they’ll have immediate access to all the sites you’ve logged on.
How to fix it? Use a password manager that has a browser extension, but be careful when choosing one. There have been some nasty breaches in the past involving browser extensions. But developers today are aware of such vulnerabilities, so they’re always monitoring their software for bugs and patch them before they leak to the public.
Passwords are just the tip of the iceberg. If you want to beef up your cybersecurity, then partner with us at HERO Managed Services, LLC. We provide advanced IT solutions to keep your network safe so that you can grow your business with confidence. If you’re in Tampa, Sarasota, or Orlando areas, get in touch with us today.