Password Security – Are Your Passwords Secure?


Password Security Is More Important Than Ever

With the onset of the global pandemic we know as COVID-19, many employers have opted to have their staff work from home. As a result, our home Wi-Fi is no longer used just for entertainment; it is now the means to connect with our workplaces and schools. It is more imperative than ever that the passwords we use are secure, so that sensitive information stays safe.

A lot of people use weak passwords, such as their birthday, child’s birthday, or favourite word, because they are easy to remember. More than likely they use variations of this password to meet requirements, adding uppercase letters or numbers, so the same password ends up being reused multiple times. It’s not an ideal defence to protect your most sensitive information against hackers or cybersecurity threats, especially for corporations or individuals that have a lot to lose.

Should a website be breached, information such as usernames, passwords, dates of birth, home addresses, and other personally identifiable information becomes publicly available and can be posted on online forums where malicious hackers can use that information against you.

By implementing password managers, individuals and companies avoid reusing their passwords because they can now generate completely random passwords that are stored within an encrypted database that requires only one master password to log in. Using a distinct random password for each application or site can limit the number of logins that become compromised. The master password is the only one that you need to remember. Password Managers offer random password generation, pervasive two-factor authentication, team password sharing and encrypted storage.

What Can You Do?

With the multitude of programs we use daily at work or school, it can be hard to think of, let alone remember, each password, which results in the same password being used across multiple platforms. Is this safe? No! This leaves personal and professional documents open to threats. Each year there are password leaks on websites, even websites for large corporate brands you know, exposing your information to attack. With your email, login and password, anyone with malicious intent could try the combinations on other sites. If you use the same login and password credentials on multiple platforms, this could give someone access to all your accounts. Websites such as https://haveibeenpwned.com/ are a no-cost option to see if a personal or corporate email has suffered from breaches.

Password Managers such as Dashlane, LastPass and 1Password are easy to implement and, even better, they are easy to use. With the ability to create random passwords and store them in a secured space, individuals and employees no longer need easy-to-remember passwords. There are added security features including two-factor authentication, team password sharing and encrypted storage for credit cards and bank account information.

Random Password Generation

Random passwords can be generated by a software program or hardware device that takes input from a random number generator and automatically creates a password, making it difficult to guess should a dictionary attack occur.

There are so many password policies with complex rules around upper- or lower-case letters, numbers, symbols, etc. that it can be hard to manually create a password. A password generator allows users to customize the length, include or exclude various characters and add numbers without having to think of the placement or worry about remembering it.
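As an added illustration (not code from any of the password managers named on this page), here is a generator of the kind described above: it draws from the operating system's cryptographic random number generator, lets the caller set the length and include or exclude characters, and guarantees every requested character class is present. The class names, symbol set and function names are assumptions made for this example.

```python
import math
import secrets
import string

# Character classes a typical complexity policy refers to (constructed set).
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digits": string.digits,
    "symbols": "!@#$%^&*()-_=+[]{}",
}
ALL = tuple(CLASSES)

def pools_for(include=ALL, exclude=""):
    """One pool per requested class, minus excluded characters."""
    pools = ["".join(c for c in CLASSES[name] if c not in exclude) for name in include]
    if not pools or any(not pool for pool in pools):
        raise ValueError("every requested class needs at least one allowed character")
    return pools

def generate_password(length=16, include=ALL, exclude=""):
    """Draw from the OS CSPRNG until every requested class is present."""
    pools = pools_for(include, exclude)
    if length < len(pools):
        raise ValueError("length too short to hold one character per class")
    alphabet = "".join(pools)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: redrawing the whole password keeps every
        # policy-compliant password equally likely (no fixed positions).
        if all(any(ch in pool for ch in candidate) for pool in pools):
            return candidate

def entropy_bits(length=16, include=ALL, exclude=""):
    """Upper bound on guessing entropy: length * log2(alphabet size)."""
    alphabet_size = sum(len(pool) for pool in pools_for(include, exclude))
    return length * math.log2(alphabet_size)

if __name__ == "__main__":
    # Exclude look-alike characters that are easy to mistype.
    print(generate_password(20, exclude="Il1O0"))
    print(round(entropy_bits(16), 1), "bits at most for 16 mixed characters")
    print(round(entropy_bits(8, include=("digits",)), 1), "bits at most for 8 digits")
```

The entropy figure is an upper bound that only holds for randomly generated passwords; a birthday or a word with a capital letter added has far less, because an attacker tries those patterns first.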

Two-Factor Authentication (2FA)

Two-factor authentication is a combination of two different factors used to confirm that a user is who they say they are. It usually includes an item they possess, something they know or something they are. Some examples include a phone call or text message to a previously set up number that only the individual would have access to, or a one-time code sent to their email address. Passwords alone are no security at all; adding 2FA will help to decrease the likelihood of being hacked.

Smartphones such as iPhone, Android or Windows 10 have apps that enable the phone itself to become the second authentication factor. In some cases, phones that are equipped with GPS can verify an individual’s location to authenticate the person signing in.

Team Password Sharing

If having multiple logins to one website is not necessary or desired, password sharing is a fast and easy way to securely share your login details amongst a team of people. It can be used in personal or professional capacities where multiple users require access to the same account. Some examples of where this tool could be useful include vendor platforms, online banking, online e-signature subscriptions or any website where there are fees for additional licenses.

When sharing passwords, full or limited access can be given. Limited access encrypts the login details so the user cannot see the actual password but can still log in to the website; it also restricts the ability to make changes to the login details. Allowing one person to control the information keeps things easy and secure. With corporate social media accounts, the manager can share the password, allowing other team members to post on the feed without revealing the password to any of them. If access needs to be removed, it is easy to do and doesn’t require changing the password, but IT professionals will suggest that a new password be used just in case.

Want to Know More?

Fear of your information being leaked and made available to malicious hackers should not create challenges in managing your day-to-day online activities. Fusion has the knowledge and resources to make sure your information is secure while streamlining the password management process to be more efficient for you.

Call Fusion today for more information

Having to remember multiple passwords can be difficult for people, and reusing the same password in different ways is usually the easiest solution, but it leaves companies vulnerable to leaks and malicious attacks. Implementing safe and secure Password Managers is an excellent way to ensure that random and hard-to-crack passwords are used. With the information being saved in an encrypted database, employees no longer need to worry about their sensitive personal and corporate information being leaked. Utilizing one master password along with two-factor authentication makes sure that only the right people will gain the access they need. Cybersecurity is a key component for any company, and introducing Password Managers such as Dashlane, LastPass, 1Password or Bitwarden is a step in the right direction to a more secure and efficient workplace. Contact Fusion Computing today to learn more about Password Managers and how they apply to your specific situation.


Frequently Asked Questions

Why are weak passwords still such a common security problem?

People tend to choose passwords that are easy to remember, such as birthdays, names, or simple word variations. These are also the easiest for attackers to guess or crack. Many people reuse the same password across multiple accounts, which means one breach can expose many accounts. Convenience consistently wins over security when people manage passwords manually.

What makes a password truly secure?

A secure password is long, random, and unique to each account. At least 16 characters with a mix of uppercase and lowercase letters, numbers, and symbols is a solid baseline. The key is randomness. A password manager can generate and store these for you, so you don’t have to remember a unique complex password for every single account.

What is a password manager and is it safe to use one?

A password manager stores all your passwords in an encrypted database protected by one strong master password. It can also generate random, unique passwords for every site. Reputable password managers use strong encryption standards and are far safer than reusing passwords or writing them down. If one account is breached, your other accounts stay protected.

How does multi-factor authentication add protection beyond a password?

Multi-factor authentication requires a second verification step after you enter your password, such as a code from an authenticator app or a text message. Even if someone steals your password, they can’t access your account without that second factor. MFA is one of the most impactful security controls any individual or business can enable.

What should I do if a website I use has been breached?

Change your password for that site immediately and change it on any other site where you used the same or a similar password. Check if any of your accounts show unusual activity. Services like Have I Been Pwned let you check if your email address appears in known breach datasets. Enable MFA on the affected account and any other important accounts.

How can companies enforce strong password practices for employees?

Technical controls are more reliable than policy alone. Enforce password complexity and length requirements through your identity management system. Require multi-factor authentication for all business accounts, especially email and any system with sensitive data. Deploy a business password manager so employees can use strong, unique passwords without memorizing them.

Fusion Computing has provided managed IT, cybersecurity, and AI consulting to Canadian businesses since 2012. Led by a CISSP-certified team, Fusion supports organizations with 10 to 150 employees from Toronto, Hamilton, and Metro Vancouver.
