04 May 2023 WORLD PASSWORD DAY
The Importance of Strong Password and Benefits of Password Managers
WHO ARE WATCHGUARD?
WatchGuard’s industry-leading network security completed Purdicom’s solution offering perfectly, complementing our vendors and being used within our own offices. WatchGuard provides the solution for small-medium businesses with enterprise-grade cyber security technology, protecting your online and offline world. Using intelligent protection, effectively protecting against todays and future evolving threats.
World Password Day
World Password Day continues to serve as an annual reminder that we all need to practice better password security. Despite being in 2023, people are still using vulnerable and predictable passwords such as “12345,” “qwerty,” and “password” to secure their essential accounts, systems, and infrastructure. Some individuals may believe that using a combination of their birthdate and their pet’s name will create a strong enough password to prevent a cybercriminal from guessing it. However, this is not the case. Persistent attackers are known to scour the social media profiles of their targets for information that could assist them in cracking passwords. Additionally, several tools are available to hackers to decipher passwords that are based on formulas or common words.
Now more than ever, it is crucial to have good password habits, which involve using unique, complex, and random passwords for every account (with a minimum of 16 random characters and no dictionary words). However, it is easier said than done, as people often struggle to remember passwords, leading them to rely on simple passwords or reuse them across accounts, with minor modifications (such as changing one character). Regrettably, this practice of reusing passwords can result in multiple vulnerabilities in case of a breach.
To tackle this issue, one solution is to promote the use of password managers. These tools simplify the process of generating and keeping track of intricate passwords. While password databases are frequently targeted for theft and easily available on the internet, if a hashed password database is stolen, cracking strong passwords becomes more difficult.
Password managers can help you better control your credentials, especially if you think in terms of corporate use. Not sure about it? Let’s look at some areas where it can help mitigate password-related issues:
1. Password sharing: You may easily share over the phone a password such as “football123”. Now try to share “tNNi^M$E*@Ep7LD&”. Not that easy, right? This could help prevent intentional sharing or through social engineering.
2. Same passwords for everything: Typically, people can memorise only a few passwords, around three or four, and the rest are just slight variations of the same password. This approach often results in a corporate password being used across numerous uncontrolled accounts, creating a significant security risk. A password manager can be instrumental in training users to adopt a different password for each account. With a password manager, the user no longer needs to remember all their passwords, as the tool will create and automatically fill in unique passwords during authentication.
3. Easy-to-crack passwords: Various attack methods, such as password spraying, rely on simple passwords to gain unauthorised access. Passwords with up to 12 characters and a regular hash are often susceptible to cracking without difficulty. However, passwords that are at least 16 characters long, like those generated by password managers, are virtually impossible to crack with multiple combinations.
4. Shared admin passwords: Some companies have shared credentials, such as an administrator password that is commonly used by all IT admin staff. However, even when complex passwords are implemented, there is no guarantee that they won’t be compromised. To address this issue, corporate password managers can provide a secure solution for password sharing among team members. Passwords can be stored safely in a centralised vault, and access can be granted on a need-to-know basis, limiting the number of people who have access to critical credentials.
5. Password carelessness by users: Providing users with proper training is crucial in protecting against various security threats, such as phishing attacks or inadvertently sharing passwords over the phone. It’s not uncommon for scammers to impersonate bank representatives and request password information over the phone, making it essential to educate users on how to identify and avoid these types of scams. Password managers can be an effective tool for training users to create and maintain secure passwords, emphasising the importance of keeping passwords safe and reducing the likelihood of using them in dangerous situations.
By implementing password managers, users can learn best practices for password management, such as utilising unique and complex passwords, avoiding password reuse, and safeguarding passwords against unauthorised access. Overall, providing adequate training and utilising password managers can significantly enhance the security posture of an organisation.
If you’re interested in finding out more about everything WatchGuard has to offer, please get in touch:
+44 (0)1488 647 647