Question: What do ‘12345’ and ‘Password’ have in common?
Answer: They are the two most common passwords used online.
Yes, we understand that you’ve probably got a wry smile across your face right now. And we’d love to join in and have a chuckle. BUT, unfortunately we hear about, and witness, the implications of using such easy-to-copy passwords with increasingly regularity and the results aren’t pretty. In 2017 Google suggested that hackers were stealing 250k web passwords each week – two years on this figure will undoubtedly be higher!
We all know at least one person or business that’s been scammed recently. They may have received a phone call, email or even a printed letter. One thing most of these scams will have in common is that the data used to help trick the victim has been found online. The digital space contains a wealth of information about all of us, and the more of it that we can lock down, the better. Passwords are a great way to start.
Choosing random passwords to use is vital, incorporating a range of letters (in upper and lower case), numbers and punctuation marks. And once you’ve created your password make sure that it’s specific to just ONE digital site or platform – don’t duplicate it across several. And change it – regularly!
The advantage of using the same, common, password in everything we do online is that we can memorise it easily, and that’s where the trouble begins. Once we start using different, regularly changing passwords most of us won’t be able to hold the information in our heads. Passwords do need to be stored somewhere safe, so that we can refer back to them whenever we need to. This can open up another can of worms – where do we store the passwords safely, but out of harms way? Yes, you could revert to that old-fashioned medium of pen and paper :-). Or there are applications that will securely store your passwords.
Sound easy? Well it’s certainly not difficult but it does require discipline and consistency. And whilst we can all take personal responsibility for our passwords how does this translate across a business? Password policies are vital within all businesses. Not only does the policy need to be clear and concise, but additionally it must be well-communicated and monitored for compliance. Staff need to understand the necessity for adherence and be given time in order to change their passwords. Having a regular discussion within staff meetings about passwords is just one example of how the importance of compliance can be conveyed. Never just assume that staff are doing what they are supposed to be doing…
So, has reading this confirmed that you have a great password policy in place that’s being followed consistently throughout your organisation? OR, are you concerned that you and your business are leaving the digital door wide open for unscrupulous hackers and scammers? If you fall into the latter group then PLEASE strike while the iron’s hot – don’t leave changing your password until tomorrow – it may be too late. And then make sure that EVERYONE within your team are doing the same. And if you need to find out more about an ideal Password Policy, applications for storing passwords, and a Dark Web scan to find out where your information is held, then get in touch…