The complex made simple

Blog

Cyber Security – Be safer today – Passwords

55
18iT News / Cyber Security / Tips

Cyber Security – Be safer today – Passwords

None of us wants to fall victim to cybercrime.

We can all take steps today to be a harder target for the threat actors (Cybercriminals) out there.

It is easy to feel overwhelmed by this as the topic is pretty vast. So this is why we have put together this list of key areas to focus on to start with.

Get the basics done right.

Once you start getting these in place you are already adding layers of security to your business that others are not. The threat actors will be looking at those easy targets.

Password Management

This is an age-old issue that has been a bone of contention for many years. Passwords have to be long and complex by nature, so people find them hard to remember. This results in many making their passwords easy to guess or for automated tools to break in moments.

We often hear people tell us

It’s hard to remember so many passwords and make them complex

The table below showcases the time taken to break passwords – Sourced from secureitnetworks.net

So we need to make our passwords as complex as possible. The NCSC – National Cyber Security Center say to help generate secure passwords use 3 random words and you can add numbers to the end.

How to store and manage passwords

  • Some people use post-it notes stuck to the PC or laptop
    • Not secure at all. Anyone can see them and use them
    • They can be lost or stolen
    • located in one place only. so you need to be in that location to use them
    • How do you manage your password changes?
  • Some people have a dedicated password book
    • Not secure – anyone can open the book and have full access to what you have written
    • Can also be lost and stolen
    • No backup copy of what is included in the password book.
    • How do you manage your password changes?
  • Some save them into an excel file or document on their PC.
    • It’s better than the first two options, but if you can’t access the file or it’s deleted or corrupts what happens then?
    • There is no real security to the file. Even if you use the built-in password protection for the file it does not meet the true security requirements to class it as “secure” it can be forced and hacked with ease
  • Some save them in a web browser.
    • This is not really ideal either
    • If the device gets hacked it is the first place the threat actors look.

 

Invest in a Password vault manager. These allow you to

  • Only need to remember only one password
  • Saves a different password for each website/portal you use
  • Allows you to save the website address as well as login details
  • Allows you to save notes as well in a safe and secure way
  • Some allow you to share details with others if you need to. This is done in a secure way that can be removed whenever needed.
  • You have a single source of truth. This gives you peace of mind, knowing that you can access your websites/portal in a safe and secure way, Otherwise, you will have an email saying to log onto the website by clicking on this link, which could have been compromised if it is not from whom it claims to be. This process alone makes you a harder target for Phishing emails. (check out our Jargon buster here for the meaning of Phishing)

We have a couple we recommend depending on your needs. Get in touch and we can help you get this set up and ensure you are as safe as possible.