Is Having a Secure Password Enough?

24 October 2016

IT Security, Policy Development, Risk Management

You have one very secure password. It is over 10 characters long and has special characters and upper and lower case letters. So how could this be a bad thing? Say you use your one very secure password for all, or the majority, of your accounts. What happens when one of those accounts gets hacked?

With recent breaches such as LinkedIn back in May and the more recent Yahoo breach, it is critical to pay attention to password security and how it affects you. When you get a notification about a possible breach pertaining to your account, you change your password and then you’re good to go, right? Wrong. Changing your password is not enough. If you use that same password on numerous accounts, hackers now have access to those platforms as well. But don’t worry, there are simple password security measures that you can implement to protect both your company’s information and your personal information:

  • Do not repeat passwords: By using a different password for each of your accounts, you mitigate the risk of a hacker gaining access to multiple accounts when one of your accounts is breached.
  • Reset passwords: Changing your password frequently is critical in password security. If there is a breach of your account, this prevents unauthorized access to your account.
  • 2-factor authentication: For an extra layer of security, two-factor authentication requires the user to input an extra credential, decreasing the likelihood of a breach.

Many of the high-profile breaches you hear of on the news and social media, like the LinkedIn and Target breaches, occurred because the organization lacked essential security measures that could have prevented the incident. Here are some effective security measures that companies can take to reduce the chances of a breach occurring:

  • Document policies: Make sure the company security policy is up to date, especially the password policy. Implementing features such as password expiration and complexity is crucial because they require users to change their passwords often and create strong passwords.
  • Use encryption: Companies should encrypt their passwords for an extra layer of security. This may seem like a no-brainer, but it was a problem in the 2016 LinkedIn breach, which was left over from the theft in the 2012 LinkedIn breach.
  • Train employees: It is essential to incorporate your employees into your security strategy. Human error is often the leading cause of breaches. Making your team aware of current security threats will help them protect your organization’s data as well as their personal information.

While using the same password might seem like a convenient option, it is more of a threat to your personal information than you may realize. COMPASS recommends using a different password for each account. Trying to remember numerous passwords for all your different accounts can be overwhelming and stressful. The good news is, there are apps for that! There are many applications that will encrypt and store all your passwords. Another option when you are creating these passwords is to use passphrases or song lyrics that are easier for you to remember.

Having a secure password is not enough to protect your data from a breach. While it is impossible to guarantee that you will never have a data breach, there are important security measures that will reduce the likelihood of having your data stolen, and password security is one of those measures. For more information on password security, read our Three Tips to Better Password Security blog post, or feel free to contact us.