sb-au logo
Story image

Expert offers password tips to aid a stress-free sleep

15 Mar 2019

The 15th March marks a day that you might not have been aware of - World Sleep Day.

For many people, the worries of the day can often crawl into night-time routines and cause lost or disrupted sleep - and a perfect example of that is those that work in the cybersecurity industry.

Ever-changing threats, almost daily news of breaches, and the constant and relentless risks for businesses.

According to LogMeIn, almost  over 271 thousand records are breached every hour, adding to 2.1 million records in one night’s 8-hour sleep - pretty good cause for late night stress among cybersecurity professionals.

LogMeIn chief technology officer Sandor Palfy says given the magnitude of the situation, it’s surprising to consider that the cause is a relatively simple act that everyone is familiar with, as 81 percent of confirmed data breaches are caused by passwords.

So in light of World Sleep Day, Palfy has shared his best practices for password management to perhaps enable a better sleep among cybersecurity professionals.

Require strong passwords for every account

“The most secure passwords are at least 18 characters and include a mix of numbers, letters and symbols. Short, easy-to-remember or default passwords are not secure and can be easily cracked by hackers,” says Palfy.

“It’s also imperative that then these passwords are not re-used on multiple other online accounts. Putting password strength policies in place in your organisation will help prevent weak password creation and reuse.”

Password management

“Given that the average person has 200 passwords to keep track of, there can be strong reluctance to create unique, complicated passwords for every online account that are updated much more frequently. To that end, a password management tool can be used to generate and store secure passwords,” says Palfy.

“A password manager can also help identify passwords at greatest risk and automatically update them as needed, removing the chore from employees. Once employees begin to use the password manager as part of their daily workflow, they will start replacing their short and repeated passwords with long and unique ones.”

Train employees on proper password management

“It may surprise (and anger!) some IT professionals that employees often use the same passwords across professional and personal accounts – 59% have reported mostly or always using the same password,” says Palfy.

“Employees should be trained on the risk involved with reusing passwords and be advised to use unique passwords for each account.”

Be careful when sharing passwords

“Sharing passwords in the workplace is inevitable, but you should never share those passwords via email or text. You always want to limit the exposure to a password and thus limit its vulnerability to hacking,” says Palfy.

“This includes storing multiple passwords in an easily-accessible document, which again is common practice with 42% reportedly keeping passwords in a file on a mobile device, word document or Excel spreadsheet. Using a password management tool to help you securely share access to passwords is your best bet.”

Implement multifactor authentication (MFA)

“MFA is one of the most effective ways to add another layer of security to password protected accounts,” says Palfy.

“Even if a hacker obtains a password, they will still have to provide an additional factor before breaching the account. Multifactor authentication adoption is still relatively low and should absolutely be considered by more organisations.”

Palfy hopes that these tips help for this World Sleep Day, as everyone deserves a good night’s sleep at the end of a long work day.

Story image
Guardicore Labs exposes brute force MS-SQL attack campaign
The cyber attack campaign uses password brute force to breach victim machines, deploys multiple backdoors and executes numerous malicious modules, such as multifunctional remote access tools (RATs) and cryptominers. More
Link image
Need better security now your workforce is remote? Get it for free
Remote working comes with all kinds of cybersecurity risks. Protect your business by leveraging multi-factor authentication, biometrics and push notification software for free.More
Link image
Take advantage of free multi-factor authentication as you work remotely
Cybersecurity is shaping up to be one of the most important areas to consider while working from home. Leverage biometrics and password authentication for free with RSA.More
Story image
Google Chrome postpones changing cookie policy in wake of COVID-19
Google Chrome says it began enforcing secure-by-default handling of third-party cookies with its release of the Chrome 80 update in February. But now the work has been postponed due COVID-19.More
Story image
IBM integrates Okta identity solutions to cloud offerings
“We’re excited to formalise the partnership to provide our joint customers with the technology to help secure their organisations.”More
Story image
Organisations take cloud-first approach to security, though concerns remain
"While the results of this survey show that some security professionals still have concerns, having visibility into cloud services is vital and many organisations are now taking a cloud-first approach to security.”More