Data breaches are an increasingly common threat to businesses of all kinds. Large and small businesses across every industry are facing cyber threats new and old every single day. This was especially prevalent in 2020, when numerous sectors had to quickly adapt to remote working accommodations for their employees. And with more employees than ever before working in flexible work environments, there are more opportunities than ever for hackers to access your network through endpoints. But with all these security concerns, many businesses may be surprised to find that one of their greatest weaknesses might be their employees’ password usage.
The Importance of Password Safety
Poor password usage is the single greatest cause of data breaches. Malware, phishing scams, ransomware schemes – while all these are very real threats to your business, password mismanagement is still the cause of roughly 80% of company breaches. And these breaches can be a serious financial blow to your company. The cost of replacing lost or stolen records and the loss of business can cost a large company millions (sometimes tens of millions) of dollars!
While many employees know the risks associated with reusing passwords, over 90% of them do it anyway. Some users simply underestimate how valuable their account information is. Others may value certain accounts more than others; while extra protection was common for many financial websites, fewer had extra protection for their work accounts. But the most telling factor was the number of users (nearly two thirds of them) were concerned about trying to remember their password.
The average American has 27 online accounts for numerous web services, including email, social media, and banking. Some may have as many as 50 password-protected accounts at once! And many people find that constantly having to update old passwords and remember new passwords is stressful. With so many accounts, it’s no wonder why so many people use the same password across numerous sites for both work and personal use. Fortunately, using effective employee password management can make password hygiene much easier to navigate.
Why A Password Manager?
Password managers offer numerous features that relieve employees of the stress of having to remember several different passwords. With a password management program, each employee has their own private password vault protected by a master password. This allows users to craft longer and more unique passwords that will be difficult to crack. But no need to try to remember them; the password manager allows you to simply select an account and it pulls up your password for that account. And with cloud-based storage (much more secure than writing all your passwords down in a notebook or planner!), you can easily access your accounts across all your devices. This makes it easy to access your accounts from anywhere (and allow access for a loved one in the event of an emergency). These features are especially useful to your IT department, who spend much of their time retrieving employee passwords. Even with frequent password changes, employees will find it much easier to manage the security of their accounts.
Other Ways to Keep Your Passwords Safe
In addition to effective password organization, there are many ways companies can improve their password usage. While many of these stem from common sense, it never hurts to remind all employees (including management) to stay diligent.
- Passwords that occur sequentially, such as “123456” (which many reports show as the most commonly-used password) are a no-go. Other common offenders include “111111”, “qwerty”, and “123456789”.
- Common phrases and obvious words make for terrible passwords, but many people still use them. It’s been estimated that about 15 to 30% of Americans use a pet’s name for a password. You should also avoid using family member’s names, nicknames, or your own name.
- One of the most commonly-used passwords is still “password”. If you do this, go change it immediately.
- A strong password typically utilizes a mixture of uppercase and lowercase letters, numbers, and characters (such as &, #, ?, etc). It’s also recommended that people make use of “passphrases”, short and unique sentences that also utilize numbers and characters.
- Be exceptionally careful with what you share on social media. Anything from posting your birthday or address, to filling out seemingly fun social media quizzes can provide hackers with enough information to take a crack at breaking into your accounts.
- Do not share your password with anybody. While many people fear some type of account breach, nearly 80% of people have shared their passwords with somebody. This is especially prevalent in the workplace, where it’s not uncommon to see an employee’s password on a post-it note.
- For an extra layer of security, consider implementing two-factor authentication. This can be anything from an access code sent to your phone or email, to the use of facial or fingerprint recognition.
- While some may worry about junior employees being the primary culprits, it’s been revealed that over 60% of managers and other company leaders are guilty of using weak passwords. It’s important for those in leadership roles to practice good password hygiene as well as lower-level employees.