It’s a common habit, but reusing the same password across multiple accounts is a massive risk to your organisation. An attacker who gets into one account can then use the same password to access all the others. We really need to put a stop to this.
Why Simple Passwords Aren’t Enough
Even with a keyboard full of characters, most people tend to use passwords that are just a word, a number, and a symbol. This isn’t strong enough anymore. It can take mere seconds for hackers to crack these types of passwords. If you’re not using multi-factor authentication, even passwords that are eight or nine characters long are pretty much useless against modern hacking techniques.
Key Takeaways
- Stop reusing passwords across different accounts.
- Longer passwords are significantly harder to crack.
- Multi-factor authentication (MFA) is a must-have.
- Passkeys are the future of secure logins.
Building Stronger Passwords
To create passwords that are much harder to guess, try the "Battery Horse Staple" method. The idea is to pick four words that you can easily remember. Then, mix in some symbols and numbers. This makes your password much more complex and difficult for attackers to figure out. For example, instead of "Password123!", you might use something like "Battery#Horse7Staple".
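A sketch of the four-word method above, as an added example that is not from the original article: it draws the words with a cryptographic random source and compares the resulting entropy with the word, number and symbol pattern described earlier. The word list, symbol set, number range and function names are constructed for illustration.

```python
import math
import secrets

# Constructed sample list so the block runs offline. Assumption: real use
# would load a list of several thousand words instead of these sixteen.
SAMPLE_WORDS = [
    "battery", "horse", "staple", "correct", "window", "puzzle", "garden",
    "rocket", "velvet", "harbor", "candle", "meadow", "copper", "tunnel",
    "saddle", "lantern",
]
SYMBOLS = "!#$%&*+-=?@"   # constructed symbol set (11 characters)
DIGITS = "0123456789"
SEPARATORS = SYMBOLS + DIGITS


def generate_passphrase(words=SAMPLE_WORDS, n_words=4):
    """Pick n_words uniformly at random (CSPRNG), capitalise each one and
    put one random symbol or digit between each pair of words."""
    chosen = [secrets.choice(words).capitalize() for _ in range(n_words)]
    out = chosen[0]
    for word in chosen[1:]:
        out += secrets.choice(SEPARATORS) + word
    return out


def passphrase_entropy_bits(wordlist_size, n_words=4):
    """Entropy in bits when every word and separator is chosen uniformly
    at random. Words picked by a person carry less than this."""
    return (n_words * math.log2(wordlist_size)
            + (n_words - 1) * math.log2(len(SEPARATORS)))


def simple_pattern_entropy_bits(wordlist_size):
    """Upper bound for one word + one number + one symbol.
    Assumption: the number is drawn from 0-999."""
    return (math.log2(wordlist_size) + math.log2(1000)
            + math.log2(len(SYMBOLS)))


if __name__ == "__main__":
    size = 7776  # assumed size of a large word list
    print("example passphrase:", generate_passphrase())
    print(f"four-word passphrase: {passphrase_entropy_bits(size):.1f} bits")
    print(f"word+number+symbol:   {simple_pattern_entropy_bits(size):.1f} bits")
```

The entropy figures only hold when the words are drawn at random; the sixteen-word sample list is far too small for real passwords.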
The Importance of Multi-Factor Authentication (MFA)
For any web-based system, using multi-factor authentication should be a standard requirement. It’s often a mandatory part of security standards like Cyber Essentials. MFA adds an extra layer of security, meaning even if someone gets your password, they still can’t access your account without a second form of verification, like a code from your phone.
The Future: Passkeys
My recommendation for the best way forward is to start moving towards using passkeys. These are essentially the future of how we’ll log in securely. They are designed to be much more secure than traditional passwords and will make a significant difference in reducing the chances of a serious data breach for your organisation. Getting your team trained on these new methods and enforcing MFA everywhere is a smart move to protect your digital assets.