3 password mistakes that make it easy for hackers

In terms of defending your business online, your password is one of your first lines of defence. Whether it’s for encrypted files on your computer, access to your company’s social media networks or for your online banking credentials, it’s incredibly important that you make your passwords as difficult and off-putting to hackers as possible.

#1 – You’re password is too easy to guess
This is the first and most common mistake that people tend to make with their passwords. While using the name of your dog or your favourite football team might have been an acceptable password in the past, it’s now far too easy to guess. A hacker simply needs to look at your Facebook, Twitter or other social media accounts to gain an idea of who you are, what interests you have and which people are important to you.  Even if your social media profiles aren’t directly associated with your business they are usually simple enough to track down.

Previous database hacks have given hackers a whole range of knowledge about what types of passwords people most commonly use, and even replacing letters with numbers doesn’t always do the trick.

#2 – You use the same password for everything
While it can be very tempting to use the same password for all your accounts and documents, it’s a seriously dangerous mistake to make. If your password does become compromised then all of a sudden a hacker has full access to all of your data.  Take Facebook founder Mark Zuckerberg, who had his accounts hacked, reportedly using the same password across Twitter, LinkedIn and Pinterest. You should have strong individual passwords for anything that you need to protect and should only give out these passwords to the employees that need regular access.

#3 – You write your passwords down
Another classic mistake that businesses tend to make is to write their passwords down, either in a document saved on their computer system and left unprotected, or by writing them down on physical documents which could be easily stolen or copied. The reason that people tend to write down their passwords is that they find them difficult to remember. If this is the case then you should consider using password management software. Programmes and systems like LastPass and 1Password offer a secure way of finding a balance between easy access to your accounts and tough security.

Our advice
When creating your password you should always try to use a mixture of numbers, symbols and upper and lower case letters. This increases the number of variations that could make up your password and it makes it much harder to guess. By the same token, increasing the length of your password can also help. For highly sensitive documents, programmes and networks you should consider as many as 30 separate characters, which might seem like a lot, but it all helps in making your password tougher to guess. You should also make the most of any opportunities that you have to use 2-step verification when signing in to your accounts (such as on Twitter and Google). 2-step verification works by requiring a user to verify that they want to ‘log on’ to their account by confirming the request on their mobile phone. This means that if someone manages to gain access to your password, they can’t successfully sign in without access to your mobile too.

We recommend that businesses take a holistic approach to online security and don’t see strong passwords as their only method of defence. We help businesses of all sizes to secure their data and protect themselves with the latest anti-virus software, patches and updates.  To find out more please contact us on 01268 575300 or email us on info@ecl.co.uk.