Every day we type in our usernames and passwords, from accessing the computer at the start of the day, then logging into various systems during the day. But how safe are the passwords you are using?
A recent Cyber Security report in April was released with some chilling statistics:
- Less than 50% of users have “strong” passwords
- 31% of businesses in the UK experienced a Cyber Attack last year
- 65% of companies in the UK do not enforce password policies with their staff
- 1 in 13 web page requests leads to malicious content
So, what are “strong passwords” do you have a password policy for your business, and how do you continue to protect your business for cyber threats?
Strong passwords essentially are passwords made up of over 16 characters, including numbers (1,2,3,4,5 etc.) CAPITAL LETTERS and special characters (!@£$%^&*(). The stronger your password is, the longer it would take for a hacker to crack it.
Sadly, though you can have the strongest password in the world, but if you input it onto a malicious website, it will be visible for the hacker to use, and sell on the Dark Web. This is where the power of a Password Policy comes into play.
A password policy sets guidelines for your staff to follow in terms of how strong you expect their passwords to be, how often passwords are changed, and whether or not the same password can be used for all the different systems your employees may have access to.
The strongest form of password policy would dictate that passwords of 16+ characters, including two numbers, capitals and special characters are used. The passwords must be changed every month and the same password cannot be used for a minimum of 12 changes. Finally all systems which require a password must be unique and not guessable, i.e. adding a 1 or the name of the month to the end of the password.
Let’s not also forget running a business class Anti-Virus program will also greatly reduce your risk of your business becoming a victim as they will block malicious code of websites, or even block access to the website entirely if it is known to be a risk.
Whilst having a strong password enforced and good Anti-Virus will limit the chance of a breach occurring, how would you know if and when your systems are breached?
If your answer to that question is “I’m not sure” then we need to talk. We have teamed up with a global security monitoring firm who let us know the second one of your business usernames and passwords become compromised.
Some of you may be aware of a free site which alerts you to a hack, so what’s the difference you will be asking yourself? Our system not only alerts us the second your details become available of the Dark Web, they also let us know the source of the breach and include a snapshot of the password so you know whether it is a current password, or one that has already been changed and never to use it again.
We like to think of this system as an insurance policy, you will operate daily forgetting it is even there, but when it is needed, boy will you be relieved you have it in place!