See Yourself in Cyber: Protecting Passwords!

See Yourself in Cyber:? Protecting Passwords!

As TekMonks continues its support for Cyber Security Month and its theme "See Yourself in Cyber," we focus on passwords.

Last week’s article focused on Multifactor Authentication. The future is for password-less access, where we use our smartphones and other factors to authenticate without remembering those odd long suggested passwords. According to a Tech Radar article "Gartner predicts that 60 percent of large and global enterprises will be password-less for more than half of use cases by 2022. That rises to 90 percent for midsize enterprises."?

That prediction is optimistic, and we will have to manage user ids and passwords for many years to come for personal accounts and for legacy older systems and applications.? In fact, a recent Tech Republic article mentioned that 80% of help desk support tickets are around password issues.

With a theme of “See Yourself in Cyber,” what we all do as cyber users do to help make it more difficult for those cyber thieves to hack or gain access to their passwords:

The first step is to ensure passwords are long, leverage special characters and numbers, and are not easy to predict.?

Second, use different passwords for every application.? For most business and even personal applications, the user id may be the same, such as your email address. By using different? passwords, if one is compromised for a particular application, it will not enable a cyber thief to easily try those credentials for other business and personal applications.?

Third, be sure not to use obvious passwords and PINS. It may be easy to remember your pet or children's name, but those are easy to find these days on social media or in other online records.

Fourth, If you must write down passwords, do not leave them somewhere obvious, such as a post-it on your computer, a piece of paper on your desk, or somewhere easy for others to find.

Finally, for personal accounts, consider using a password manager to help manage all of your passwords.? They make it much easier to use different passwords for different applications and easy to use those long, complicated passwords that are hard to crack!?

Companies can also improve password management to secure applications and data access through a password management strategy, leveraging different approaches including:

Educating users on the best practices for passwords and enforcing rules for company passwords, including length and frequency of change.

Leveraging Single Sign On and password management systems that make it easier for employees to access applications securely with different and longer complex passwords.

Implementing Multifactor Authentication whenever possible.

Monitoring security and password issues. Diligently monitor and review security sites and key vendor alerts for security vulnerabilities and potential compromise of user information, including passwords. Document necessary policies and procedures to ensure prompt responses to ensure passwords and their users are secure.

Implementing a security system that? helps manage and change user passwords in addition to single sign-on support. This allows for rapid password updates based on announced vulnerabilities and increased security, as employees will need to login into the security portal for application access.?

For companies looking for innovative solutions for managing users and their passwords, please read Brian Silverman’s post earlier this year on TekMonks’ LoginCat. Why does trust matter beyond the traditional ID and password authentication????

If you have any questions, comments, or want to learn more about TekMonks security solutions, please contact me here or email TekMonks at [email protected].