Passwords are the backbone of any organization’s cybersecurity strategy, but poorly controlled passwords are also the biggest threat to an organization’s security. Weak password management can leave enterprises vulnerable to data loss and privacy violations.
According to Clara Angotti, President & Co-Founder at Next Pathway, the largest security breach over the past year was due to an unsecured password.
Angotti tells Digital Journal that cracking down on weak passwords will pay dividends for internal security: “One of the most powerful yet simple ways to improve any organization’s security posture is by enforcing strong password management policies and practicing good password hygiene, as passwords are critical gatekeepers to our digital identities and information.”
Angotti is of the view that organizations must enforce strong password management policies. This means that “Organizations should train employees on company password policies and procedures to enhance password security.”
Top password tips include (with additional information from Infrascale):
Be Unpredictable
There are two common password attacks – Brute Force and Dictionary attacks. Both generally involve a bot, but can also be done manually, and involve trying a sequence of numbers and/or common words like 123456 – hence trying to crack a password using “brute force” or common “dictionary” words. To minimize this type of exposure, don’t make your passwords predictable.
Be Creative
Related to being unpredictable, consider creating a phrase and using the first or second letter of each word, or substituting a special character for letters and/or numbers.
Be Long
The longer the password, the more possible combinations and permutations of it there are, and thereby the safer it generally is.
Be Smart
One of the more common reasons passwords are compromised is that people share their credentials. Also, be mindful of phishing – this is where you receive an email or text message asking you to confirm your details or take some other action where you need to enter your personal credentials.
Be Fresh
Refresh your passwords regularly. While it may seem onerous, and even if you think you have finally come up with the most secure password ever, one of the best ways to protect your password is to change it up regularly.
The basis of this is training, a process that “should cover how to come up with a strong password and employees should be advised against using the same passwords across multiple applications and systems. Using the same password for different accounts increases the chances of accounts being hacked. If one account is compromised, all other accounts with that same password are at risk.”
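As an added illustration of the “Be Unpredictable” and “Be Long” tips (this is not code from the article, Next Pathway or Infrascale), the following Python example screens a candidate password for dictionary words, simple character substitutions and sequences, and computes the brute-force search space that grows with length. The word list, the 12-character minimum and all function names are assumptions made for this example.

```python
import math
import string

# Constructed sample of common passwords; a real deployment would load a
# much larger list of known-compromised passwords (assumption).
COMMON = {"123456", "password", "qwerty", "letmein", "welcome", "admin"}
# Character substitutions that dictionary attacks routinely undo.
LEET = str.maketrans("@4301!$57", "aaeoiisst")

def search_space_bits(pw):
    """Upper bound on brute-force work in bits: log2(alphabet ** length)."""
    pools = [string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation]
    alphabet = sum(len(p) for p in pools if any(c in p for c in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0

def has_sequence(pw, run=4):
    """True if pw holds `run` ascending, descending or repeated characters."""
    codes = [ord(c) for c in pw.lower()]
    for step in (1, -1, 0):
        streak = 1
        for a, b in zip(codes, codes[1:]):
            streak = streak + 1 if b - a == step else 1
            if streak >= run:
                return True
    return False

def screen(pw, min_length=12):
    """Return the reasons a password is predictable (empty list = passes)."""
    problems = []
    if len(pw) < min_length:
        problems.append("too short")
    low = pw.lower()
    edge = low.strip(string.digits + string.punctuation)  # drop "2024", "!"
    candidates = {low, edge, low.translate(LEET), edge.translate(LEET)}
    if candidates & COMMON:
        problems.append("dictionary word")
    if has_sequence(pw):
        problems.append("sequence")
    return problems

if __name__ == "__main__":
    for pw in ("123456", "P@ssw0rd!", "violet-Tractor-91-harbor-mist"):
        print(f"{pw!r}: {search_space_bits(pw):.0f} bits, {screen(pw) or 'ok'}")
```

The bit count is only an upper bound that assumes randomly chosen characters, which is why the dictionary and sequence checks run alongside it.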