Does your business have poor password hygiene?
More than six out of 10 Australians use the same password for multiple accounts. If that sounds like you, check out our simple password protection steps that can help defend your business against hackers.[i]
Australia has been rocked by several high profile hacking scandals involving major companies including Latitude Finance, Optus and Medibank. As we’ve seen, these hacks can cause significant reputational and financial damage.
For small business owners watching from the sidelines it can be easy to think “what hope do I have?”. After all, large companies have far greater financial resources to throw at cyber security.
The reality however, is that even simple steps, which cost next-to-nothing can make a valuable difference to the cyber safety of your business.
In this blog, we’ll take a look at some basic strategies all small businesses can take to maintain password hygiene.
Here’s what to consider.
Make your passwords strong
A good password is a strong password, and by that we mean one that is hard for a person or a software program to guess. But plenty of people are still using passwords that are far from strong.
As unbelievable as it may seem, the most commonly used passwords globally continue to be 123456 and 123456789.
Ranking in third place is that old favourite ‘qwerty’.
The top 5 most common passwords 2023
|Source: Cybernews Investigation Team|
Sure, these passwords may be easy to remember. But guess what? They’re also incredibly easy for password-breaking software to crack.
Research in 2022 by password manager NordPass found the most commonly used password across Australia was 123456. It takes cybercrooks less than a second to crack the code, and it’s used by close to 5 million accounts.
What does a strong password look like?
Nordpass advises that when it comes to passwords it pays to think long and complex.
Aim for passwords that contain at least 12 characters, with a mix of uppercase and lowercase letters, numbers, and symbols.
Experts also recommend passwords made up of a random string of three words. These are harder to crack than single word passwords.
If you can’t resist the urge to include easy to predict characters like your name and birth date, use a password generator to create complex passwords.
Make passwords unique – for every account
Using the same password for multiple accounts makes a hacker’s job so much easier. If just one of your accounts is compromised, every other account you have can be jeopardised.
Yet despite well-documented data hacks, a survey by TechRadar and OnePulse reveals that six out of ten people still use the same password across multiple accounts.
The main reasons respondents gave for recycling passwords include not wanting to remember different passwords (40%) and believing they aren’t in any danger of being hacked (27%). So using unique passwords seems like a waste of time. Great news for hackers!
Make life simple – but not for hackers
Here’s the harsh reality. Your password is the key to your financial accounts. Without a strong password that is unique for every single account, you are putting your money at risk.
Think of it this way. You wouldn’t use the same key for every lock you use – from your front door to your car and your business premises. So why use the same password for all your accounts?
Yes, we all need to remember a lot of passwords. But the job is so much easier if you use a password manager. This is a software application that stores and manages passwords. All major browser platforms, including Google Chrome and Microsoft Edge have an integrated password manager. Or you can choose to invest in specialist password managers such as NordPass Password Manager.
Encourage your team to use password hygiene
Explain to your staff the importance of good password hygiene – both at work and for personal use.
The TechRadar/OnePulse survey also found that around one in two people share multiple passwords between work and personal accounts. If that’s happening in your workplace, it could threaten the security of your business accounts.