    Password policies in the small business

    Jakub Kosiec, 2 August 2019

    Passwords exist to protect you and your business, keeping safe the money, data and everything else you hold in online banking, office tools, social media and other accounts. Yet the more secure the password, the more difficult it is to remember.

    Add the recommendation that passwords should be changed regularly to the typical 10, 20 or more password-protected accounts that most of us use, and it’s clear why passwords have become such a big headache.

    Many businesses leave it up to employees to look after their own passwords, but it is people who are the weakest link. Left to choose, many employees create easy-to-remember passwords, such as pet names or simple number sequences, but these are among the easiest for hackers to crack. Trying to remember a more secure but random combination of characters, such as gY3(m1X&, is a nightmare, so people often write these difficult passwords down on post-it notes stuck to their screens, which is like leaving the door to the office open when you go home at night.

    How can you manage passwords in your business?

    1. Vigilance is the only answer. There are many useful tools, but none are foolproof. Review password management regularly to ensure security is maintained by everyone in your business.
    2. Develop and introduce a policy on creating, reviewing and refreshing passwords. While your policy might prohibit staff from sharing a password so a colleague can access an account for convenience, rules will always be broken, so changing passwords regularly will close any such breaches quickly. Many systems and services can expire passwords at set intervals, requiring users to change them to maintain uninterrupted usage, and can require strong passwords to be used.
    3. To help with creating strong, complex passwords, use a random password generator, such as the one offered by Norton, to create passwords that are tough to crack. Don’t ever recycle or re-use passwords – always use a different password from any you’ve used previously.
    4. Use a password manager, such as 1Password or KeePass, to access all your passwords securely using one master password.
    5. Take advantage of all available facilities, such as two-factor authentication, to guard against employees being tricked into changing passwords in a way that reveals them to hackers.
    6. Remember that, above all, vigilance is the only answer and the future of your business depends on it. Even password managers have weaknesses, with some suggesting you save master files with all your passwords, which can inevitably be lost or hacked.
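
The rules in points 2 and 3 (random generation, no re-use, expiry at set intervals, no pet names or number sequences) can be checked automatically. The sketch below is an added example, not code from this article or from any product it names; the 90-day interval, 12-character minimum, deny list and PBKDF2 work factor are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets, string
from datetime import timedelta

MAX_AGE = timedelta(days=90)   # assumed expiry interval
MIN_LENGTH = 12                # assumed minimum length
ITERATIONS = 600_000           # assumed PBKDF2 work factor
DENYLIST = {"password", "letmein", "rover", "bella"}  # constructed sample list
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)

def generate_password(length=16):
    """Random password from the OS CSPRNG containing all four character classes."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw

def hash_password(password, salt=None):
    """Salted PBKDF2 hash, so the password history never holds plaintext."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def is_sequence(password):
    """True for runs such as 123456, 987654 or 111111."""
    steps = {ord(b) - ord(a) for a, b in zip(password, password[1:])}
    return steps in ({1}, {-1}, {0})

def violations(password, history, last_changed, now):
    """Return the policy rules broken; history is a list of (salt, digest) pairs."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("too short")
    if password.lower() in DENYLIST:
        found.append("common word or pet name")
    if is_sequence(password):
        found.append("simple sequence")
    if any(hmac.compare_digest(hash_password(password, salt)[1], digest)
           for salt, digest in history):
        found.append("reused")
    if now - last_changed > MAX_AGE:
        found.append("expired")
    return found
```

Because each stored entry has its own salt, the re-use check re-hashes the candidate once per history entry, so keep the history to a handful of previous passwords.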

    A sound password policy and ongoing management can provide the high level of security you need to protect your business. If you’d like advice with developing these and putting them into practice, talk to FX7 Solutions and we’ll be happy to help.