4 Tips for Password Security to Strengthen Your Cybersecurity Posture

There are multiple layers in any good cybersecurity plan. These include next-gen firewalls, antivirus software, apps that combat phishing and spam, and backup and disaster recovery strategies.

But perhaps one of the most important layers when it comes to preventing data breaches is password security.

A full 80% of hacking-related data breaches are the result of weak or compromised passwords. The danger of a hacker having a user’s password is that they are better able to bypass other layers of IT security, because they’re logged in as a legitimate system user.

For Brisbane businesses looking for managed IT and security solutions, password security can be an area where they have some big vulnerabilities. This is typically due to poor password habits by users who find it a challenge to juggle multiple passwords.

According to Ponemon’s 2019 report on password security, there are several statistics that illustrate the issues companies face when it comes to the security of user passwords. These include:

  • 51% of respondents find passwords too difficult to manage.
  • 57% of those surveyed said that even after a phishing attack, they haven’t changed their password behaviors. 
  • 69% of users say they share passwords with colleagues.
  • 51% of respondents reuse an average of five passwords across both business and personal accounts.

So, in the face of passwords that are difficult to manage and poor employee password habits that tend to leave business applications vulnerable, how can you improve the security of your logins?

Password Tips to Improve Data Security

Making password security a priority will significantly reduce the vulnerability of your organisation to data breaches related to stolen or hacked login credentials. With all your business data being protected by the weakest password used by one of your staff, it’s important to position credential security as one of the top layers of your cybersecurity strategy. 

1. Require Strong Passwords in Business Applications

A strong password is one that has certain attributes that make it harder for a hacker to compromise. This includes things like the length of the password and using a combination of letters, numbers, and symbols.

The best way to generate passwords is not by having your employees come up with them themselves, but by using a password generator that will automatically provide a password that’s difficult to hack.

You can stop employees from using weak passwords in applications such as Office 365 by adjusting your admin settings to reject easy passwords and require strong ones.

2. Use a Password Manager

The average employee has to keep track of an astonishing 191 different passwords. That makes it just about impossible for a person to remember them all and make them all “strong” passwords.

Password management applications offer companies and their employees multiple benefits when it comes to password security, including the most helpful, which is to remember all their passwords for them. Employees only have to remember a single password to access all the others.

Some of the advantages of using a password manager include:

  • Securely stores all passwords
  • Suggests strong passwords
  • Auto-fills logins 
  • Has an admin feature to access an employee’s password if needed
  • Makes it easy to have a unique password for each login

Another benefit of password managers is that you can also use them for company payment cards, so card details aren’t being emailed or written down and left unsecured.

3. Implement Multi-Factor Authentication

Your username and password combination is considered one factor when it comes to user authentication. Adding a second factor to that significantly improves password security.

A common second factor used in multi-factor authentication is a code sent by text message upon login, which has to be entered after the login to gain access to an application. This helps protect against data breaches from compromised passwords because in most cases the hacker is not going to have in their possession the device that receives the code.

Multi-factor authentication can be implemented on an application basis or by using a platform that allows you to implement it centrally across all apps your business uses.

4. Conduct User Awareness Training

Passwords are used by your employees every day, so it’s important that they understand how vital securing their passwords is to the overall security of your business.

If you just implement password security policies without fully explaining why to your team, users can potentially find ways around them. You have a much better chance of strengthening your password security by explaining the risks to your employees and providing them with recurring cybersecurity awareness training. This will help get their buy-in and understanding of just how important it is to protect their logins.

Need Help with Your Network Security?

Your network security is vital to the ongoing health of your Brisbane business. Make sure your network has the protection it needs. Connected Platforms can assist you with multiple security solutions that will prevent network leaks and breaches.

Contact us today for a free IT security consultation or to find out about other IT solutions we can help you with. Call (07) 3062 6932 or book a coffee meeting online.

More blog posts

How to create secure passwords

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
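
The rules above, together with the strong-password requirement in tip 1, written as a check plus a generator (an added example, not code from the original post). The function names, the small word list and reading “a few numbers and symbols” as at least one of each are assumptions made for illustration.

```python
import secrets
import string

SYMBOLS = "@$%&!#*?"
# Constructed sample deny-list; a real deployment would load a much larger one.
COMMON_WORDS = {"password", "welcome", "letmein", "qwerty", "admin"}

def has_sequence(pw, run=4):
    """True if pw has `run` consecutive ascending or descending letters/digits."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        chunk = low[i:i + run]
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if chunk.isalnum() and steps in ({1}, {-1}):
            return True
    return False

def check_password(pw, personal=()):
    """Return the list of rules the password breaks; empty means it passes."""
    low = pw.lower()
    problems = []
    if len(pw) < 14:
        problems.append("shorter than 14 characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs upper- and lowercase letters")
    if not any(c.isdigit() for c in pw):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in pw):
        problems.append("needs a symbol")
    if any(word in low for word in COMMON_WORDS):
        problems.append("contains a common word")
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal or company information")
    if has_sequence(pw):
        problems.append("contains a simple sequence")
    return problems

def generate_password(length=20):
    """Draw from the OS CSPRNG until the result passes every check above."""
    if length < 14:
        raise ValueError("policy minimum is 14 characters")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(pw):
            return pw

if __name__ == "__main__":
    for sample in ("Password123", "CompanyName2025", "Coffee&CloudsAreGreat9!"):
        print(sample, "->", check_password(sample, personal=["CompanyName"]) or "OK")
```
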
If remembering unique passwords for every account sounds impossible, there is another option: password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

Beware these common ‘malvertising’ attacks

Ever clicked an online ad and wondered afterwards if it was a scam? Most of us have, and cyber criminals want us to keep doing it. Here’s what to look out for to stop your business’s data (and profits) falling into the wrong hands…
