As the old saying goes, “a chain is only as strong as its weakest link.” Unfortunately, the new saying is that a business network is only as secure as its employees’ passwords.
Despite widespread knowledge that hackers exploit weak passwords to breach entire systems, trusted workers still use ones that are easy to guess at and repeat them across platforms. If that seems counterintuitive, business leaders may want to consider these statistics.
What seems stunningly illogical about rampant password protection failures stems from this statistic: Approximately 90 percent of internet users say they are worried about getting hacked due to a compromised password. Industry leaders may be left scratching their heads. But as a decision-maker responsible for ensuring the integrity of digital assets, something needs to be done. You can set company policy that educates team members about how to create and remember strong network passwords. If that doesn’t work, there’s always Plan B.
Getting workers to create powerfully secure passwords may not be that difficult. Insisting on a series of unrelated letters, numbers, and characters will fend off most hackers. On the other hand, team members will likely lose productivity, resetting a difficult-to-remember login profile. Fortunately, a happy medium can be achieved without too much difficulty.
Passwords do not necessarily need to be obscure. They just need to be difficult for hackers to unveil. A password employing 8-10 characters can be hard to crack if done cleverly. For example, the too common “iloveyou” can be tweaked to “iLuv2Make$,” which could be a tough one. That’s largely because it uses untraditional “Luv” in place of the spelled-out word, employs uppercase letters, a symbol, and a number. All an employee has to do is remember the phrase “I Love To Make Money” as a trigger.
Repeated passwords also need to be addressed. Consider training those under your leadership to make variations on one primary password. In this case, it could include “uLuv2Make$2” or “iH82owe$.”
It’s also important to share the reason that complex passwords are necessary. Hackers have a toolkit at their disposal that typically includes brute-force and dictionary techniques. When brute-force attacks try to run every conceivable combination of letters and characters possible. This tends to be time-consuming, and digital thieves are likely to give up when faced with strong passwords. Dictionary attacks run common words at the profile. If your worker’s password is “sunshine,” consider your network breached.
Practical business leaders learn that human error ranks among the top reason things go sideways. Cybercriminals send out thousands of scam emails, knowing someone will open one, download a malicious file, or respond with critical information. Someone will make a mistake. Given that your financial future can be one mistake away from ruin, organizations are using multi-factor authentication as a fallback defense.
Multi-factor authentication requires employees to receive and enter a secondary code before gaining access to the network. This may be sent to another device that hackers cannot access. In some instances, an email alert is sent that must be approved. Even if someone foolishly uses “password123,” a cybercriminal would still need to know the authentication code or approve login access to upend your network.
If you are concerned about password security, consider working with a managed IT professional to educate employees about password protection, and install multi-factor authentication just in case.
Thanks for helping us upgrade our Macs and get them working exactly as our business needs! Fast, convenient and very knowledgeable! You’re the best!
Alary Technologies has been our IT support team for the past year at the START Clinic for Mood and Anxiety Disorders. They have done a excellent job in upgrading our system, organization, and supporting us in technical computer matters. Compared to other IT companies we have worked with, Alary Technologies comes on top. Ahmed Kufaishi the Managing Director at Alary Technologies is solution focused, knowledgeable and makes an effort to really understand his clients’ needs. It has been a pleasure to work with Ahmed and Alary Technologies. I would recommend their services to other companies and clinics.
“We continue to work with Alary Technologies due to the fact that they are quite educated and knowledge based with current upgrades, and their commitment to their customers.”
Ahmed has been providing our company with expert IT services for close to 3 years. He has guided us through hardware upgrades, server back up procedures and was instrumental in brokering a custom software program that fully automated some key functions in our business. Ahmed has always been thoroughly professional in all his dealings with us and has provided consistent and sound advise for all of our IT requirements. We consider Ahmed and Alary Technologies to be an important partner for our business.
It is refreshing to work with someone who can organize things and describe in plain language. I have a large and growing knowledge base for my work as an architect. I have realized that I can’t do everything, that I do need a team member who can look after this one relatively small by crucial part of my practice.