Are you compromising security by the way you manage your passwords?

In today’s work environment there are more and more systems and applications that we regularly use, that require us to log in to them. Each will involve a password or PIN, which needs to be created and recorded.

At the same time, online crime has never been so prevalent and cyber security is a key issue for every business. Password management is a fundamental part of any organisation’s security measures.

Passwords should be complex and not easy to guess, yet a recent survey undertaken by the National Cyber Security Centre found that:

  • 15% of people used their pets’ names
  • 14% used the name of a family member
  • 13% chose a notable date
  • 6% used the name of the sports team they support
  • 6% still used the word “password”!

Perhaps that’s not too surprising, as people want ease of use, and a memorable password is easy! The more secure a password is, the more inconvenient it often feels. That trade-off between convenience and security can lead to complacency and security compromises.

Some tips for the secure management of passwords:

  1. Don’t keep them written down, and even if they are stored electronically in a document or list, they may not be secure if the file is not encrypted.
  2. Use a password management software application – there are now quite a number to choose from and they store your passwords in an encrypted environment. There will only be one password to remember – the one to access this software.
  3. Use separate passwords for separate functions – not the same password in multiple places.
  4. Use strong passwords – long, with a mixture of letters, numbers and characters, and not something that is easy to guess. Randomly generated passwords are particularly strong and often the password management software can generate one for you, store it and allow it to be copied and pasted without you ever having to type it out.
  5. Use multi-factor authentication. Many applications nowadays, especially those which involve financial transactions or the storage of data, force you to use a second layer of security. Others may give you the option of adding this. It usually involves a one-time code being generated at the point of logging in, and you need to input this as well as your password. Having multi-factor authentication on your password management software is, of course a must!

To discuss this in more detail, please give us a call or enter your contact details here.

«
»