Data breaches, hacking attacks and ransomware have all increased in recent years. With more businesses adopting cloud services, we have more usernames and passwords to remember than ever but bad password habits from staff could allow criminals to prey on your network.
A recent survey found that the top passwords in 2020 could be hacked within seconds! These included:
While most modern systems don’t allow these types of passwords to be used, there are businesses that still permit them due to legacy systems being in place or IT staff inheriting them and not having the ability to change the format of the passwords.
While having easy-to-crack passwords is an issue, the corporate email addresses staff use as part of the login procedure are also problematic as both emails and passwords can turn up on the dark web.
When a friend had his Facebook account hacked, which was connected to numerous other accounts as a form of generic email login, he was locked out for 30 days with no access to those other web services. He found his details were available on the dark web too and spent the best part of a weekend changing passwords to ensure this wouldn’t happen again.
Using corporate email logins and bad password habits have allowed hackers to thrive and cause havoc and disarray while lining their own pockets. Weak passwords attacks and access management infiltrations rose by 21% in 2020. With more than 44% of people in the UK reusing their passwords regularly to access cloud solutions for work, for shopping or to book a hotel, restaurant or holiday, we have become bountiful targets.
How can you protect your business from weak passwords?
- The National Cyber Security Centre recommends businesses put in place password restrictions ensuring they are of a certain length and include characters, numbers and a capital letter to deter hackers.
- They also advise that passwords are changed every six weeks and cannot use the same password with a changed number or letter.
- The integration of multi factor authentication (MFA) should be adopted too, so your mobile devices benefit from an additional layer of security and ensures the login is genuine.
- You should adopt an anti-virus solution on staff devices, along with network firewalls, to protect them from incoming web traffic.
- You should also find out if staff information is available on the dark web that could compromise your network.
- Lastly, roll out cyber security training for staff to help them identify the risks of phishing emails to protect themselves and your business.
swcomms can support your business with our dark web report to help protect you from potential threats, for a low cost per user per month. Find out more here or call us direct on 0800 054 6789.
Other security blogs of interest: