Story image

Expert offers password tips to aid a stress-free sleep

15 Mar 2019

The 15th March marks a day that you might not have been aware of - World Sleep Day.

For many people, the worries of the day can often crawl into night-time routines and cause lost or disrupted sleep - and a perfect example of that is those that work in the cybersecurity industry.

Ever-changing threats, almost daily news of breaches, and the constant and relentless risks for businesses.

According to LogMeIn, almost  over 271 thousand records are breached every hour, adding to 2.1 million records in one night’s 8-hour sleep - pretty good cause for late night stress among cybersecurity professionals.

LogMeIn chief technology officer Sandor Palfy says given the magnitude of the situation, it’s surprising to consider that the cause is a relatively simple act that everyone is familiar with, as 81 percent of confirmed data breaches are caused by passwords.

So in light of World Sleep Day, Palfy has shared his best practices for password management to perhaps enable a better sleep among cybersecurity professionals.

Require strong passwords for every account

“The most secure passwords are at least 18 characters and include a mix of numbers, letters and symbols. Short, easy-to-remember or default passwords are not secure and can be easily cracked by hackers,” says Palfy.

“It’s also imperative that then these passwords are not re-used on multiple other online accounts. Putting password strength policies in place in your organisation will help prevent weak password creation and reuse.”

Password management

“Given that the average person has 200 passwords to keep track of, there can be strong reluctance to create unique, complicated passwords for every online account that are updated much more frequently. To that end, a password management tool can be used to generate and store secure passwords,” says Palfy.

“A password manager can also help identify passwords at greatest risk and automatically update them as needed, removing the chore from employees. Once employees begin to use the password manager as part of their daily workflow, they will start replacing their short and repeated passwords with long and unique ones.”

Train employees on proper password management

“It may surprise (and anger!) some IT professionals that employees often use the same passwords across professional and personal accounts – 59% have reported mostly or always using the same password,” says Palfy.

“Employees should be trained on the risk involved with reusing passwords and be advised to use unique passwords for each account.”

Be careful when sharing passwords

“Sharing passwords in the workplace is inevitable, but you should never share those passwords via email or text. You always want to limit the exposure to a password and thus limit its vulnerability to hacking,” says Palfy.

“This includes storing multiple passwords in an easily-accessible document, which again is common practice with 42% reportedly keeping passwords in a file on a mobile device, word document or Excel spreadsheet. Using a password management tool to help you securely share access to passwords is your best bet.”

Implement multifactor authentication (MFA)

“MFA is one of the most effective ways to add another layer of security to password protected accounts,” says Palfy.

“Even if a hacker obtains a password, they will still have to provide an additional factor before breaching the account. Multifactor authentication adoption is still relatively low and should absolutely be considered by more organisations.”

Palfy hopes that these tips help for this World Sleep Day, as everyone deserves a good night’s sleep at the end of a long work day.

Slack users urged to update to prevent security vulnerability
Businesses that use popular messaging platform Slack are being urged to update their Slack for Windows to version 3.4.0 immediately.
Secureworks Magic Quadrant Leader for Security Services
This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Deakin Uni scores double win with Exabeam partnership
Australia’s Deakin University is partnering with SIEM security company Exabeam in an effort to boost the university’s cybersecurity degree program and strengthen its SIEM capabilities.
Google puts Huawei on the Android naughty list
Google has apparently suspended Huawei’s licence to use the full Android platform, according to media reports.
Voter vulnerabilities: Cybersecurity risks impact national elections
The outcome of elections have an enormous impact on the political and cultural landscape of any democratic society. 
Using data science to improve threat prevention
With a large amount of good quality data and strong algorithms, companies can develop highly effective protective measures.
General staff don’t get tech jargon - expert says time to ditch it
There's a serious gap between IT pros and general staff, and this expert says it's on the people in IT to bridge it.
ZombieLoad: Another batch of flaws affect Intel chips
“This flaw can be weaponised in highly targeted attacks that would normally require system-wide privileges or a complete subversion of the operating system."