If you hang around cybersecurity folks long enough, you’ll hear us talk about passwords until we’re blue in the face. The fact is that in spite of wild and complex new exploits that hackers take advantage of, there is one thing that makes their lives so much easier: insecure passwords (you know, things like “password123” or “qwerty”). Simple and memorable passwords may be easy to use, but they’re even easier to hack. And let’s face it, it’s not really much of a hack if a malicious actor is just logging in with your password.
In March of 2022, Hive Systems released a study and infographic about how quickly a hacker can brute force your password depending on its length and complexity. They discovered that hackers can brute force passwords with 8 characters, capital letters, lowercase letters, and numbers in under 7 minutes. 8-character passwords without numbers take 2 minutes, and passwords with 6 characters or less, no matter the complexity, are breachable instantly.
It’s ideal to have passwords with at least 12 characters and that also include a diverse mix of uppercase and lowercase letters, numbers, and symbols. Our going advice is “the best password is one you can’t remember.” Furthermore, it’s absolutely imperative that you use a unique, complex password for each site you frequent. Unfortunately, complex passwords are burdensome to manage. Most people easily have dozens of online accounts between work, school, and/or home, and keeping track of them by memory alone is nearly impossible. And no, we absolutely do not recommend keeping passwords on sticky notes plastered to your monitor.
Luckily, digital password managers make tracking your passwords simple and easy. You maintain one complex password to gain entry into your password manager, and within the tool, you keep your usernames and passwords for each of your accounts. Even better, most password managers will also generate random, highly complex passwords to your specifications of length.
Many password managers will also have password theft monitoring – a tool that checks the internet for security breaches and notifies you of compromised passwords so you can quickly reset your credentials.
Keeping your business’ sensitive data protected (including financial, employee, and intellectual property data at a minimum) is of the utmost importance. By deploying a password manager for your employees, you can better protect your business from hackers and other malicious actors.
Looking to deploy a password manager to your entire business or organization, but don’t know where to start? Reach out to ITSecureNow, and we’ll show you how to better protect your data so that you can get back to focusing on your business.