It’s simple. Make sure that your passwords are strong and unique. Don’t use your birth date, phone number, social security number, family members name or your pet’s name – these can be easily guessed by a cyber crook usually just by looking over your social profiles.
It’s also important that you don’t reuse passwords between your accounts or change them too often. Although this may sound counter-intuitive, frequent updates to passwords often result in “password1”, “password2” patterns and these are easy to uncover.
Unfortunately, it’s not uncommon in our current culture to face major security breaches on our favorite platforms, such as the recent ones that involved LinkedIn, MySpace and Tumblr, where hundreds of accounts details went for sale on the dark web. Think about it. If you used the same pass everywhere, attackers would be able to quickly access all of your other accounts quickly (and they know it).
The bottom-line is that breaches are on the rise year over year and according to Netherlands-based security firm Gemalto, more than 2.6 billion records were breached in 2017, which breaks down to:
- 1 million lost records every day
- 300,000 every hour
- 5,000 every minute
- 82 every second
To put that in perspective, there were “only” 1.6 billion records lost or stolen in 2016 — in other words, there’s been a 163% increase in breached records. These numbers could be even higher, but nearly 60% of the total breaches include an unknown or unreported number of compromised records (similar to the Yahoo breach, which was reported as a larger breach over time – now listed at 3 billion-plus records).
Prioritizing breach-prevention tools and policies is extremely critical for small businesses. Hackers know small businesses have less resources to counter their efforts (whether it be shortage of staff or budget), and have targeted them at an alarming and increasing rate each year, according to Symantec’s Internet Security Threat Report.
What’s more alarming than that? Almost 90% of small business owners don’t feel like they’re at risk of experiencing a breach.
LAST YEARS STATISTICS
According to Statista.com, 22% of respondents stated that they used different passwords for every online login.
Password management company Keeper Security released a list of the most common passwords of 2017 and the most common password, making up nearly 17% of the 10 million passwords the company analyzed, was “123456.”
See their reported top 25 passwords below:
KEEPING YOUR PASSWORDS SAFE
After you determine your password for various platforms, avoid writing them down at all costs. This includes creating an Excel spreadsheet or an office document for your team to share.
Instead, start using a password manager, such as LastPass. It will remember all of your passwords and store them in a secure way. This way, you’ll only have to remember one master password, the one for your main LastPass account.
In addition, avoid using the “REMEMBER PASSWORD” option on websites. With the convenience of being remembered by your favorite platforms comes the ability for crooks to effortlessly cruise right into your cyber world.
When it comes to creating your passwords, consider these best practices:
Adopt the 8 + 4 Rule
This rule helps you to build passwords that are strong as steel. Use eight characters with one upper and one lower case, a special character like as asterisk and a number. The more random the better.
Keep Symbols/Numbers Separate
Here’s another hint for an effective password policy to foil hackers. Make sure the numbers and symbols are spread out through the password. Bunching them up makes the password easier to hack.
Don’t Make it Personal
Everyone involved in a small business needs to understand there’s a big difference between security and convenience when it comes to passwords. It needs to be clear using personal information like your first name and birth date is a recipe for disaster. If a hacker ever gets his hands on company HR data, this information will be the first set of combinations he tries.
Avoid Dictionary Words
It might sound safe to go to the dictionary for a password, but hackers actually have programs that search through tens of thousands of these words. Dictionary attack programs have been around for years.
Abbreviations are usually immune to dictionary attacks. So TSWCOT for The Sun will Come Out Tomorrow is a good choice for a secure password. Remember to add symbols and numbers.
Stay Away from Acronyms
Don’t use these as a shortcut to identifying your department or who you are. It might be temping for an accountant to use CPA. However, that opens a cybersecurity door wide enough for a hacker to walk right through.
Don’t become a statistic this year and help keep your employees safe as well.
HOW TO OBSERVE
Celebrate World Password Day by visiting PasswordDay.org and taking the World Password Day pledge, sharing a password tip on social media, changing an old password to a long, strong one or by turning on two-factor authentication for your important accounts.
Security researcher Mark Burnett first encouraged people to have a “password day,” where they update important passwords in his 2005 book Perfect Passwords. Inspired by his idea, Intel Security took the initiative to declare the first Thursday in May World Password Day in May 2013. Submitted by Big Monocle in 2016, Password Day is meant to create awareness of the need for good password security.
ABOUT BIG MONOCLE
Founded in 2012, Big Monocle designs creative branding and marketing that tells impactful stories. Their growing, energetic team of talented professionals focus on developing experiences and connecting with every client.
Passwords are a dying breed. Every company and security firm across the globe know it's only a matter of time before even the most complicated password is cracked. Because of this, the traditional password must be phased out. The public has already seen bits and pieces of this, such as two-factor authentication (push notifications) and biometric scanning (fingerprints), but here are a few of the ways the traditional password might be replaced in the future:
PayPal would like the public to 'wear' chips underneath their skin or 'eat' sensors that would directly communicate with your heart and wireless antennae.
A security firm based in Sweden has developed software that recognizes the way you type, much like the way you write.
Out of Alabama, a group is working on utilizing Bluetooth or "a short-range, wireless communication channel" to identify you as the proper user. Once identified, you will automatically be logged into your account.
The security firm, Nuance, is working on voiceprint technology. Like a fingerprint, your voice cannot be replicated and may add an extra layer of security to your 'password.'
This type of technology is already being used in vehicles by Canberra to detect fatigue while driving and can potentially be used to secure accounts, homes and applications.
What Should You Remember?
Like mentioned previously, it's only a matter of time before your password is cracked. But, 'time' is also your greatest ally. Secure your most important accounts with a complex password that takes time to crack. If it's easy to remember and can be found in a dictionary, you'll be one of the first to go.
Business owners in Tulsa, OK, trust Newave Solutions for all their managed IT services. Offering everything from desktop support to cybersecurity solutions, they’ll protect your valuable information while monitoring your system for ongoing threats. Visit their website for more details about what they offer and how they can assist, or call them at (918) 289-2093 to speak with a friendly representative today.