• Security
  • 06/05/2021
World Password Day – Is my password secure enough?

Coined by Intel in 2013, World Password Day falls on the first Thursday of May every year and was created to promote good password management strategies for you and your organisation.

In this short blog, we’ll look at some of the steps you can take to help secure your organisation from cyber criminals.

The dangers of a poor password

In previous blog posts we’ve touched upon the growing number of cyber attacks to have taken place in the last 12 months, with that trend showing no sign of slowing down. Whilst a strong password is by no means a sure-fire way to stay out of a cyber criminal’s crosshairs, it can offer a lot more protection than using something as generic as ‘Password1!’.

The other worrying trend, as revealed by LastPass, shows that whilst 92% of us in the UK know that using the same or a variation of the same password is a risk, 50% of us continue to do it regardless.

A quick Google search for ‘data breach’ or ‘cyber attack’ offers some insight into the sheer volume and frequency these are now taking place, with just one breach having the potential to offer an easy backdoor into your online banking, social media or email accounts.

So, what can be done?

Jonah Stein, co-founder of UNS Project – a password-free login tool – once said that ‘Passwords are a 60-year-old solution built on a 5,000-year-old idea’, and he’s not wrong. Unlocking your smartphone can now be done with biometric data, whilst some banks offer a security key for online transactions.

Options such as these are much harder for a cyber criminal to crack, or imitate, as opposed to getting into your email account and it’s not a radical thought that these practices may become the norm in the not-so-distant future. However, for the time being, passwords are still widely used and we should ensure we’re doing all we can to make them as secure as possible.

Good password procedures

So, until we are in a ‘passwordless’ society, we’ve put together a few steps you should aim to follow to give yourself the best defences possible:

  • Configure a minimum password length – we’d recommend around 11 characters at a minimum.
  • Use complex passwords, including special characters, numbers and upper/lower case letters.
  • Steer away from common dictionary words.
  • Never write down passwords, especially not on a sticky note kept on the corresponding device.
  • Never use the same password across multiple systems; use a unique one for each.
  • Use Multi-Factor Authentication – Microsoft estimate this prevents 99.9% of all attacks.
  • Use a password manager to store all your passwords in one secure location.
  • Train your staff on cyber security best practices.

The last word

Sadly, it’s no longer uncommon for your credentials to have leaked online in some capacity or data breach. Sites such as ‘haveibeenpwned can search the Dark Web for your details and offer peace of mind on an induvial level. At a company level, it is somewhat harder to check, although we touched on how you can go about finding the answer to this in a blog post recently.

A password is, in many cases, just a string of characters, numbers and symbols that keeps people out of our personal and professional accounts. Some of us may be better than others when it comes to following best practices, however, we can all continue to do better.

The steps we outlined are by no means a definitive guide to password best practices, but they offer a good base to build up from. If you would like to hear more, we run monthly cyber security sessions, check the Events Page of our website, or head to our Eventbrite profile for more information.

Additionally, get in touch with our team and we’ll be more than happy to help.

Recent Post

The Cloud Question

Security

Are IT preconceptions holding the business back?

Security

How secure is the Cloud?

Security

Do we value our data enough to protect it?

Security

Privacy or anonymity? - Which is more important in the digital era?

Security

Related Posts

  • Security
  • Jan

Do we value our data enough to protect it?

I’m sure you know yourself. You know your business. Of course you want to protect everything in it,

Read More
  • Security
  • Jan

Privacy or anonymity? - Which is more important in the digital era?

Technology is evolving quicker than most peoples’ ability to understand it; therefore it is increasi

Read More
  • Security
  • Jan

If all computers are vulnerable, how strong are your security defences?

You should now understand the difference between Privacy, Anonymity and Pseudonymity. which should l

Read More
  • Security
  • Jan

The Cyber Security Landscape - Best Practices to Protect Your Business Data

What business owners consider to be valuable assets will vary from one business owner to another  bu

Read More