It’s National Password Day!
As it’s national password day we’ve decided to throw some password statistics your way and tell you how you can improve your overall password security.
According to Last Pass’ Psychology of Passwords Report, 91% of people know they should not use the same password, or a variation of the same password for different logins? but the statistics show that 66% still do.
Only 51% of people are using MFA (Multifactor Authentication) for personal accounts, which is a protection method that allows you to have additional security controls to protect your logins (such as a unique one-time password being sent to your phone). In business that statistic is even lower, just 36% of people use MFA for work related accounts.
It seems that cognitive dissonance is the main issue when it comes to password best practices as statistics show people ARE educated on what to they need to do but do the opposite anyway as they don?t believe they are a worthy target for any serious cyber criminal. The truth is that an attacker can make up to ?100 off your personal information alone, this doesn?t take into account them accessing your accounts, banking logins etc. Once your personal information is sold, it can then be used to take out loans, credit cards and other forms of credit and ID fraud without you knowing, until it?s too late.
It may seem obvious but good password hygiene is one of the most effective methods of protecting yourself. Using strong complex passwords means that they are harder to crack, using unique passwords across all logins means when one account is compromised the rest can still be safe and using a form of MFA gives layered protection and can act as an early warning sign. Here are a few best practices for password security:
- The longer the better ? All passwords should be at least 12 characters long. Password this long or longer are very difficult to decrypt.
- Create complex passwords ? Use UPPERCASE, lowercase, numbers and symbols in your passwords.
- Don?t share your passwords with anyone ? Sharing your passwords greatly increases the threat of your accounts being hacked.
- Use a different password for every account ? Cyber Criminals use stolen credentials to try and hack multiple accounts on different websites.
- You should always use MFA or 2FA where possible.
If you are a business owner you should ensure your team:
- NEVER use your business credentials on a 3rd party website or for any software outside of your business environment.
- NEVER use your business credentials on equipment that has not been authorised by your employer.
- DO NOT leave your username and password anywhere unsecured, where others may gain access to it.
- DO NOT use any unauthorised equipment with your business assets including but not limited to USB keys that have not been checked for malware, plug-in devices like hard drives and mobile devices.
Cyber Wise has a powerful, cost-effective and easy to implement password management solution to the issues we?ve discussed in this blog, contact us to find out more about how we can help your business.