Credential theft has become a major problem for business data security and the #1 goal of phishing attacks. 77% of cloud account security breaches are due to stolen or hacked passwords.
Unfortunately, many Charlotte area companies don’t have strong password protections in place, leaving a large hole in their network security. If a cybercriminal has a legitimate user login, they can bypass multiple safeguards designed to keep out intruders.
The problem with password management is generally two conflicting realities. One is the need for every password to be unique and strong, meaning it has a certain number of characters and uses a mix of letters, numbers, and symbols.
The other reality is that people have to remember so many different passwords that it’s impossible for them to remember unique, strong passwords for every account.
This leads to security issues, such as employees reusing passwords, even between company and personal accounts, and the use of weak passwords that are easy to hack.
In a 2020 study of corporate password behavior it was found that 31% of people use the same password for streaming sites as they do for other applications, and 52% of people share their streaming site passwords with others.
Securing employee passwords is critical to ensuring data and network security, and it can be done successfully with a multi-pronged approach.
Best Practices for Secure Employee Logins
Employee Security Awareness Training
It’s important that employees not only know that they should be using strong passwords but also why. Employee training for security awareness can improve business cybersecurity by arming your team with the knowledge they need to practice good cyber hygiene on a daily basis.
It’s important to conduct cybersecurity training regularly, not just during onboarding, to reinforce best practices for password handling, such as:
- Not sharing passwords
- Not reusing passwords
- Not storing passwords insecurely (in a spreadsheet or on sticky notes)
- Creating strong and unique passwords
Use of Forced Strong Passwords in Applications
While employees may know they should be making strong passwords, not all of them will. An employee may also have a different definition of “strong” than your company does.
You can take the guesswork out of password creation by using tools in programs like Microsoft 365 and others that allow you to force strong passwords. You can set parameters such as the length of a password, the use of an uppercase letter, symbol, and number.
If an employee tries to set a password that doesn’t meet the designated criteria, it will be rejected.
Business Password Manager
Password managers are applications that create a secure vault of all the passwords you use. This vault is encrypted for security and it needs only one password to unlock the access to all the others.
A business password manager makes it much easier to ensure employees are using strong passwords without having to configure multiple apps. The program will suggest strong logins for password set up or updates and employees never have to remember them as they’re created.
Some of the benefits of using a password manager application at your business include:
- Solves the issue that causes weak and reused passwords
- Employees only have to remember a single password
- Can be used via browser plugin and standalone app
- Accounts can be used across different devices
- Companies never get locked out of their own accounts
- If an employee leaves, it can make account offboarding more efficient
- Password managers can also be used to safely store other information (credit card numbers, bank account numbers, etc.)
With every account that your employees have, you should have multi-factor authentication (MFA) enabled. This one simple function can block 99.9% of fraudulent sign-in attempts, including those where a hacker has the user’s login.
MFA can be used with password managers and individually in each application or website login you use.
With MFA enabled, a second factor is needed to authenticate a user for access. This second factor is usually a code that is sent to a user device when they attempt to log into an account.
The code is time sensitive (usually 5-10 minutes before expiring) and is unique. Once entered, the user gains access to the account.
MFA is able to successfully prevent the use of hacked or stolen login credentials, because in most cases the hacker will not have access to the smartphone or other device where the employee receives the code required to login.
Get Help Improving Your Network & Password Security
Password management is one of the most important pieces of your cybersecurity strategy. Rocky Knoll Technologies can help your Charlotte area business put the proper password protections in place to keep your accounts secure.
Contact us today to schedule a free consultation. Call 704.594.7292 or reach us online.