Verizon’s annual Data Breach Investigations Report showed that over 80 percent of hacking-related breaches resulted from stolen or ineffective passwords. Cybercrime is increasingly prevalent among businesses of all types and sizes, highlighting the need for heightened security measures and increased awareness. One of the best and simplest ways to defend your network against an attack is the right password strategy, built on these best practices.
Utilize Two-Factor Verification – Two-factor authentication helps to protect your information by adding another step during the login process. In addition to inputting a username and password, the user must enter a unique, single-use code that is sent via text or email.
Use Long Passphrases – Password creation has evolved from easy-to-remember birthdates or pet names to a combination of letters, numbers, and symbols, but experts now recommend using long passphrases of 12 letters or more, complete with spaces. In addition to being nearly impossible to crack, passphrases of this type are easier to commit to memory, eliminating the need to write them down and place them at risk of physical theft.
Create a Blacklist – Hackers often begin their task by using a list of common or previously used passwords, which should be added to your organization’s blacklist. Employees should compare current and future passwords to the list to eliminate high-risk passwords from your network.
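One way to automate the blacklist comparison and the 12-or-more length guidance above, shown as an added example rather than code from the original article. The sample blacklist, the substitution table and the function names are assumptions made for illustration.

```python
import re
import unicodedata

MIN_LENGTH = 12  # the article's passphrase guidance: 12 or more, spaces allowed

# Constructed sample blacklist (assumption); a real one is loaded from the
# organization's list of common and previously used passwords.
SAMPLE_BLACKLIST = {"password", "letmein", "qwertyuiop", "iloveyou",
                    "administrator", "correct horse battery staple"}

# Common character substitutions used to disguise a weak password.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def candidate_forms(password):
    """Return the normalized variants that are compared against the blacklist."""
    base = unicodedata.normalize("NFKC", password).casefold().strip()
    # Drop a trailing run of digits/symbols, e.g. "Password2024!" -> "password".
    stripped = re.sub(r"[\d\W_]+$", "", base)
    forms = {base, stripped, base.translate(LEET), stripped.translate(LEET)}
    # Also compare with whitespace collapsed, so extra spaces do not evade the list.
    forms |= {" ".join(f.split()) for f in forms}
    return {f for f in forms if f}


def check_password(password, blacklist=SAMPLE_BLACKLIST):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if candidate_forms(password) & blacklist:
        problems.append("matches a blacklisted password")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["P@ssw0rd2024!", "Administrator1", "letmein",
               "Correct Horse  Battery Staple", "plum kettle tuesday orbit"]:
        print(f"{pw!r}: {check_password(pw) or 'accepted'}")
```

Running the check when a password is set or changed rejects disguised variants such as a blacklisted word with a year and symbol appended, which a plain exact-match lookup would accept.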
Educate Employees – An average of 40 percent or more of security and data breaches occur as the result of employees opening phishing emails or clicking on viral links. Regular training can help employees detect and avoid phishing and other schemes while teaching the importance of password security and strength.
Establish a Secure Connection – Today’s mobile workforce relies heavily on a number of Wi-Fi enabled devices, including smartphones, tablets and laptops, for day-to-day processes. If these devices are connected through an unsecured network, hackers may easily gain access to your information. Use Wi-Fi Protected Access 2 (WPA2) for your company network and consider providing a secure VPN connection for mobile workers.
Apply End-to-End Encryption – End-to-end encryption renders passwords and other data indecipherable as they travel across your network and is far superior to reversible or one-way encryption methods.
Make password management a priority to help defend your organization against cybercrime and prevent hackers from gaining access to your information.