It’s estimated that more than half of all people online rely on simple passwords that are easy to remember and that the vast majority use the same password for multiple digital accounts, from banking to streaming services and social media sites. The problem with this is that while simple passwords are simple to remember, they’re also simple to guess.
When it comes to personal digital activity, how people manage their password security is up to them – but it’s a different matter when it comes to your business.The trend of picking simple and easy-to-remember passwords probably stems from the fact most of us have been conditioned to never write down our login credentials – and if you can’t write them down, how else are you supposed to remember a million unique combinations?
If your organisation is serious about safeguarding against cyber threats then password administration and management is essential to ensure the data you hold and manage isn’t vulnerable to cybercrime.
Forcing employees to follow a password management policy means they are less likely to use simple passwords or, worse, the same passwords for both work and personal accounts.
Having strong login credentials makes it much harder for hackers to access your systems (and remember, it’s not just your data that’s at risk – because any chain is only as strong as its weakest link, it’s your whole digital infrastructure on the line) and having a good password management system removes the need for your people to remember complex password combinations.
Password management – a definition
There are various ways for attackers to access accounts without permission, from login spoofing (when thieves create false login pages to harvest credentials), to utilising tools like keyloggers that track every keystroke to identify and then steal passwords. Yet despite the fact that password theft has become increasingly sophisticated, many businesses continue to operate without any consistent password management systems in place – in effect, relying on their workers to be responsible for the digital security of the organisation.
And while it might be easier to simply fall back on the “forgotten password” option rather than establishing rules for password creation and management, good password management often combines policies, best practice and technologies to provide security resilience at every entry point to your systems.
What does a good password management policy look like?
A solid password management policy specifies the guidelines you want to put in place to manage passwords and explains what a user should do in the event of a security breach.
The complexity of your password management policy is for the organisation to define, and depending on how sensitive your systems and data might be it could be anything from a comprehensive exposition of procedures and guidelines or a few straightforward rules.
But at the very least your policy should include tips for best practice, such as avoiding identifying information like names and birthdays, and using a random assortment of capital and lowercase letters, numbers, and symbols. There should also be advice on when and how often passwords should be changed.
What to do in the event of a security breach
Make sure your staff is aware of the steps they should take if they believe their data has been compromised. This information should be an integral part of the on-boarding process for new hires so that everyone is clear on the standards for password management from the moment they join the organisation.
The benefits of password management software
Strong passwords that are safely saved within password management software, or password manager, removes the problem of your people having to use and remember complex passwords.The password manager automatically fills in the appropriate password into programmes and websites and by allowing each password-protected software and application to have its own password, the error of using the same password for several accounts is eliminated. There are a variety of password managers to choose from, meaning there will always be an option to suit your particular business, whether this is in the form of browser extensions, PC and/or mobile software, or mobile apps.
Can a password manager be hacked?
The short answer is that in theory any software or programme can potentially be hacked. But because a password manager supplied by a reputable provider will benefit from multiple security and encryption layers, the risks are relatively minimal.Additionally, users typically need to pass through a different obstacle, such as multi factor authentication, in order to retrieve their passwords. As an added bonus, our credentials are kept secure and accessible whenever you need them with password management software.
If you’d like to find out more about how to secure your devices and IT infrastructure with password management, please contact us to speak with a member of our friendly team.