Hackers stealing passwords for millions of accounts; cyber-criminals committing identity theft; data protection rules being breached… It seems that network security issues are seldom far from the top of the news.
With mobile devices such as smartphones and tablets being particularly vulnerable to loss or theft, encouraging best practice in the creation and use of secure passwords is essential for businesses of all sizes.
Research shows that 98.8% of people share the same 10,000 passwords. Nearly one in six people would recognise their password from a list of the top ten. Around 15% of iPhone users share the same 5 numerical passcodes to unlock the device.
One short answer to why so few passwords are shared among so many is: People are lazy. However, this blunt generalisation is somewhat unfair. Laziness may be a factor, but then so is the problem of memory. Remembering unique passwords for the dozens of accounts we have is difficult. Few things are more frustrating than a forgotten password when you are in a rush.
When popular wisdom is not to write passwords down, how do we go about remembering?
Many of us use things we can’t forget. But we’re warned not to use personal data based passwords such as dates and places of birth. Others use obvious patterns or sequences naturally present on keyboards or number pads, but these too are vulnerable.
Some password services let you manage your passwords for different accounts from a single point of reference, however, inevitably, these are all protected… by a single password.
‘Something you have’ is the principle behind SecurID. This is a technology that uses a key fob to generate an authentication code which users enter in conjunction with the normal password. However, such technology is not without cost and a fob can be lost or stolen along with a mobile computing device.
However, you don’t have to spend money to tighten up your password security. Adopting a disciplined and commonsense approach to passwords costs you nothing while significantly reducing your vulnerability to security breaches. Three good tips for sharpening your business’ approach to passwords are:
Don’t use identifiable patterns for passwords. Avoid keyboard sequentials, such as ‘QWERTY’ or ‘123456’. On number pads don’t use memorable patterns such as ‘2580’, which is simply a vertical swipe from top to bottom, or anything similar.
Length is a key factor in determining the strength of passwords. Use one with at least 24 characters. This does not have to be difficult remember. The best advice is to use a series of random disassociated words in a single string, such as ‘brickfootballHelsinkicat’ (24 characters!)
Change your password often. Administrators should configure domain accounts to force password changes at least every three months.
Paralogic provides a consultative approach to help your business obtain the appropriate level of security. If you need a trusted technology partner to help with any aspect of network, mobile device or BYOD security simply fill in the form on the right or call us on 01844 293 330.
Click here to read the article ‘How safe is your password?‘ at independent.co.uk
For more than 20 years, Paralogic has been working with small and medium sized businesses, providing IT support and services they can rely on. We’re thrilled, therefore, to be named among the best British MSPs,…Read More
The European Union’s General Data Protection Regulation (GDPR) is the most significant shake up of information security for many years. Despite the toughening of rules and the harsh treatment of companies by regulators and the…Read More