As network security software gets stronger and better at adapting to the tactics hackers use to breach your system, those criminals increasingly target other methods of entry, like login passwords.
If they can hack a user’s password, then they get a legitimate way in and can download whatever malicious scripts they like into your system, bypassing many security watchdogs.
This makes password and login security all the more important for any company, and especially those in the financial services and asset management sectors, who are safeguarding significant amounts of sensitive financial data.
Hacked passwords are the reason for 81% of data breaches. (CSO)
The prevalence of cybercriminals focusing on passwords as a mode of entry into a network is evident in the statistics. From 2014 to 2016, data breaches that involved either weak or stolen passwords increased from 50% of the incidents to 81%.
We help investment and financial services companies in NYC and the New Jersey area daily with cybersecurity to keep their data and networks secure. Our Triada Networks IT Security Team uses an approach that covers everything from anti-phishing software to user education, and part of that includes closing off weak or stolen logins as a mode of entry for hackers.
A simple solution for securing the password mode of entry is to use a combination of strong password management and multifactor authentication.
In this article, we’ll look at both best practices and how they work together to add a necessary component to any company’s cybersecurity action plan.
What are Password Management Best Practices?
Data breaches cost companies more than just the immediate cost of a fix to seal the leak. Losses from a breach that compromises your clients’ data come from multiple sources, such as:
- Loss of customers due to reputation damage
- Regulatory fines
- Detection and escalation costs
- Post data breach response costs
- Breach notification costs
Since stolen or weak (and easily guessed) passwords have become a main entry point for data breaches, instituting strong password management is a key requirement for good corporate IT security.
So, what does strong password management look like? Here are some of the core elements.
Using Passwords that are Hard to Hack
Many people use simple passwords because they’re easy to remember. They might be a pet’s name, a favorite sports team, or, more commonly than you might think, simply “letmein.” Hackers have a list of the most common passwords and try that list first when attempting to hack a network.
Strong passwords include:
- 7-10 characters in length minimum
- Combination of letters, numbers, and special characters
- Using both upper and lower-case letters
- Incorporating uncommon words or phrases
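As an added illustration (not code from the article or from Triada Networks), here is a small Python policy check that applies the rules above and also rejects anything on a common-password list, the kind of list the article says attackers try first. The minimum length is an assumption set at the upper end of the article's 7-10 range, and the common-password set is a constructed sample; a real deployment would load a far larger breached-password list.

```python
import re

# Constructed sample of common passwords; matching is case-insensitive.
COMMON_PASSWORDS = {"letmein", "password", "123456", "qwerty", "welcome", "admin"}

MIN_LENGTH = 10  # assumption: upper end of the article's 7-10 character minimum


def password_problems(password: str, common: set = COMMON_PASSWORDS) -> list:
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"[a-z]", password):
        problems.append("no lower-case letter")
    if not re.search(r"[A-Z]", password):
        problems.append("no upper-case letter")
    if not re.search(r"[0-9]", password):
        problems.append("no digit")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no special character")
    # Strip trailing digits and symbols before the dictionary check so that
    # "Letmein1!" is still recognised as a dressed-up common password.
    core = re.sub(r"[^A-Za-z]+$", "", password).lower()
    if password.lower() in common or core in common:
        problems.append("appears on the common-password list")
    return problems


def is_strong(password: str) -> bool:
    """True only when no policy rule is violated."""
    return not password_problems(password)


if __name__ == "__main__":
    for candidate in ("letmein", "Letmein1!", "Correct-Horse-Battery-9"):
        print(candidate, "->", password_problems(candidate) or "OK")
```

The trailing-character strip matters in practice: users asked for "a number and a symbol" very often append `1!` to a word they already use, which satisfies the character-class rules while leaving the guessable core intact.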
Not Using the Same Password for Multiple Logins
In a recent analysis by Statista, only 20% of respondents said they used a different password for each online account. Most users rely on just a few passwords for everything, which means hackers need to steal only one password to get into multiple accounts.
Using different passwords for every different account login makes it harder for hackers to breach everything with a single password.
Password Management Software
The easiest way to manage strong passwords that are different for every account is to use a good password management tool. These tools generate difficult-to-hack passwords for you that are unique to each login and keep them secure and accessible. All you have to do is remember one strong password to access all the others.
Don’t Leave Passwords Written Down on Devices
Do any of your staff have a sticky note with a login password taped to their desktop, laptop, or tablet? While it makes it easier to not accidentally get locked out, it also makes it incredibly easy for anyone else to get into your system. If passwords need to be written down, make sure they’re not near the device they’re for and that they’re locked away securely.
Multifactor Authentication, a Password’s Best Friend
An excellent login security practice that everyone uses whenever they use an ATM is multifactor authentication. It’s the practice of requiring two or more authenticating factors before allowing access to a system.
In the case of an ATM, it’s your personal debit card and PIN that you use. In the case of login security, it’s typically your username/password combination and a code that is sent to you via text, email, or a security token device.
Multifactor authentication combines factors such as knowledge and possession to ensure the person trying to log in is authorized. Some of these include:
- A physical object in your possession, like a bank card or smartphone
- A secret known to the user, like a password or challenge question
- A physical characteristic, like fingerprint or eye iris
- A location-based confirmation, like a connection to a specific network
Most cloud-based software and browser-based logins offer multifactor authentication (also referred to as two-factor authentication) and if you’re not using it, you should be.
According to Symantec’s Internet Security Threat Report, 80% of data breaches can be prevented by using multifactor authentication.
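To make the "username/password plus a code" combination above concrete, here is an added Python example (not code from the article or from Triada Networks) showing how the two factors are checked together: the knowledge factor is a salted PBKDF2 password hash, and the possession factor is a time-based one-time code generated the way an authenticator app or hardware token does it (RFC 4226 HOTP under RFC 6238 TOTP, HMAC-SHA1, 30-second step, 6 digits). The shared secret used in the demo is the published RFC 6238 test-vector seed, chosen so the codes can be checked against the standard; a real enrolment would generate a random secret per user.

```python
import hashlib
import hmac
import os
import struct

# ---- Knowledge factor: salted password hash, never the plaintext ----

def hash_password(password: str, salt: bytes = b"", rounds: int = 200_000) -> tuple:
    """Return (salt, digest) using PBKDF2-HMAC-SHA256."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return salt, digest


def check_password(password: str, salt: bytes, expected: bytes, rounds: int = 200_000) -> bool:
    _, digest = hash_password(password, salt, rounds)
    return hmac.compare_digest(digest, expected)  # constant-time comparison


# ---- Possession factor: one-time code from a shared secret (RFC 4226 / 6238) ----

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-SHA1 over the big-endian counter, dynamically truncated to `digits`."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    truncated = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """The code a token or authenticator app shows at `unix_time`."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret: bytes, submitted: str, unix_time: int, step: int = 30, window: int = 1) -> bool:
    """Accept the current code or one step either side, to absorb clock drift."""
    counter = unix_time // step
    return any(hmac.compare_digest(hotp(secret, counter + d), submitted)
               for d in range(-window, window + 1))


# ---- Combined login: both factors must pass ----

def login(user: dict, password: str, code: str, unix_time: int) -> bool:
    password_ok = check_password(password, user["salt"], user["pw_hash"])
    code_ok = verify_totp(user["totp_secret"], code, unix_time)
    return password_ok and code_ok


# Constructed demo user. DEMO_SECRET is the RFC 6238 test-vector seed, used here
# only so the codes are checkable; enrol real users with os.urandom(20).
DEMO_SECRET = b"12345678901234567890"
_salt, _hash = hash_password("Correct-Horse-Battery-9")
DEMO_USER = {"salt": _salt, "pw_hash": _hash, "totp_secret": DEMO_SECRET}

if __name__ == "__main__":
    now = 59  # RFC 6238 vector: at t=59 the 6-digit SHA1 code is 287082
    print(login(DEMO_USER, "Correct-Horse-Battery-9", totp(DEMO_SECRET, now), now))  # True
    print(login(DEMO_USER, "Correct-Horse-Battery-9", "000000", now))                # False
    print(login(DEMO_USER, "wrong-password", totp(DEMO_SECRET, now), now))           # False
```

Two design points are worth noting. Both checks run even when the password fails, so response time does not reveal which factor was wrong. And the one-step acceptance window is the usual trade-off between tolerating phone clock drift and limiting how long a code stays valid; a production service would additionally refuse to accept the same code twice.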
Don’t Leave Yourself Open to a Data Breach
Why wonder when your company may get hit with a data breach? Instead get a free Security Scorecard from Triada Networks. We’ll evaluate your current IT security, tell you where you stand and give you smart recommendations.
Take a moment today to schedule your free consultation or call 201-297-7778.