Timeto Refresh Your Passwords
We often tend tobe creatures of habit, particularly when it comes to technology. Passwords area prime example. Many of us use the same logins for multiple websites andapplications because we don't have a photographic memory. A large percentageof users aren’t aware that this is one of the most significant security dangersthey can face online. It has a simple fix too.
Regularly, in thenews today, there are stories about major companies being hacked, theircustomer data stolen, and their customers left stranded. Hackers commonly usedata stolen from one site to access others where login credentials have beenreused between accounts. In some cases, access to bank accounts has beengained simply by using a compromised email account.
Businesses and individualscan face significant losses simply because a third party outside their controlhas been hacked or compromised.
The Danger Of Old Passwords
MySpace is a keyexample of why old and possibly forgotten services pose a security danger whenpasswords haven't been regularly changed. Once a thriving popular network, the use of MySpace services declineddrastically from 2007 onwards. While many people moved to new social networks,old accounts typically remained abandoned on their servers. Hundreds ofmillions of accounts remained on MySpace servers many years past the firm'speak.
In 2016, MySpacesuffered a data leak which exposed usernames, emails, and passwords of 360million user accounts. Shortly after the hack, these details were publishedonline for anyone to see. Many were used to access email accounts, servers,and accounts that shared the same details.
Even if you havenever had a MySpace or social media account personally, how many of youremployees or coworkers have one or more? Many have had more social media,forum, or game accounts than they care to remember. Have their passwords beenupdated since 2016?
Your businessnetwork protects your systems, work, and intellectual property. For many firmsit's the single most critical component, the backbone to business operations. Keeping it secure regardless of the number of people, staff or clients using itis a crucial task.
Consider how manypeople currently have access and how many of those may reuse their password onanother website or service. Just reusing your password once can expose you tothe hacking of a third party entirely out of your control.
Good securitypractice is to use a unique and strong password for every login you use. A strongpassword should include, where possible, capital letters, lowercase letters,numbers, and character symbols. Many consider this impractical or evenimpossible, but it is entirely achievable for every firm.
It is clearlyimpossible to manually remember a strong password for each one of the dozens oflogins needed today. Few would even attempt to. A password manager makesstoring, retrieving, and using unique passwords easy.
When using apassword manager, an individual is required to remember only one single strongpassword to access a database which contains a different login password foreach service. This database can be synced between multiple devices, saved andbacked up to the cloud, and even used to create strong passwords for you.
Password managerscan be used to implement security policies that demand zero password reuse,between services or over time, and set strict limits over the duration apassword can last. With the right policies in place, both your business and youremployees are protected against attacks from hackers that have compromisedthird-party sites.
The maximumrecommended lifetime of a password for any service is a single year. Make thestart of the calendar year the time which you refresh your passwords and startnew.
To help keep on top of your security andmake sure your firm is safe well into the new year, give us a call at 503-380-2027.