Despite their vulnerabilities, passwords featuring letters, numbers and symbols are still commonly used by many companies to defend the private data they handle from falling into the wrong hands. However, the largest security issues enterprises face regarding passwords involves their own staff rather than cybercriminals.
Left to select their own passwords, personnel will often pick simple combinations that are either easy to remember or have personal significance for them. Unfortunately, options like “Password” and “12345678” are easy to crack, and using birthdays and the names of pets also leaves accounts vulnerable as this information can often be gleaned from social media accounts.
Control passwords and update them regularly
Staff members should never be allowed to select passwords of their own. By issuing passcodes to employees, IT security chiefs can ensure they are powerful enough to protect the accounts with which they are associated.
Additionally, passwords are often shared with others. With this in mind, change them on a regular basis for enhanced protection.
What makes a robust password?
The latest advice provided by the National Cyber Security Centre (NCSC) suggests that strong but memorable passwords can be achieved by combining three words together. This makes them easy enough for staff to recall, but strong enough to keep hackers out, since length is often a better password attribute than complexity.
What does the term MFA mean?
Multi-factor authentication (MFA) is an advanced security option that adds an extra layer of protection to areas controlled by passwords. Whether it is to access a company email account or secure data store online, when a password is entered, the individual keying it in will be asked for an authentication code. The code will be sent to their personal device, usually via an SMS, and typically features six-to-eight digits. After receiving the authentication code, they can enter it online and will be granted access.
Effectively, if a password is stolen, cracked, or guessed by a cybercriminal, they will still not be able to access the account unless they also have the individual’s personal device in their possession. This option has proved effective against many attempts at email trespass and account hacking.
Operate securely with the Galaxkey workspace
At Galaxkey, we understand that creating a safe environment for staff to work in enhances productivity and ensures private data stays secure and confidential. Our system has no backdoors for attackers to gain a foothold in your network and no passwords are ever retained where they can be retrieved by malicious operators and used to gain access to secure areas.
We understand that regardless of how powerful a security solution is, if it is not easy to understand and simple to use, it will not be used effectively and will become a risk in itself. That is why our state-of-the-art encryption can be activated with a single mouse click. Once encryption is added to emails or data files prior to sending or storage, all information is scrambled effectively with three layers of robust protection.
Get in touch with our technical team today and book a free online demonstration or two-week trial.