How Weak Passwords Contribute to Data Breaches

Another day, another security breach. Data leaks have become part of our everyday lives, made possible by of the abundance of online services we use on a daily basis that all make a good target for hackers. It doesn’t even have to be a big corporation either, since it’s the small and mid-sized businesses that are commonly the targets of cyber criminals. And if you, as the business owner, don’t take the necessary steps to train employees in how to protect business data, then you could be the next target.

Uneducated employees make your business vulnerable to hackers

Since none of the available authentication solutions have become as widespread as the username and password combo, it’s clear they’re here to stay. As such, the biggest threat that every business faces stems from how employees handle passwords.

Remembering passwords is usually hassle for everyone. If a password is complicated, for example, employees may write it down on a piece of paper and place it somewhere visible so they can quickly access it when needed. The problem with this approach is that anyone who visits their working space can see and memorize that password and later access that user’s data – or worse, the whole system.

The opposite side of this is when employees use weak passwords such as “1234567” or “password” – both of which top the worst passwords lists every year. The problem with these passwords is that they are easily guessable, which could lead to unpleasant situations such as the one that the Bible Society faced recently. The charity, which has more than 200 years of history, had to answer uncomfortable questions from its patron, Her Majesty the Queen, after it was fined for failing to implement the proper security measures, which allowed hackers to access the personal details of nearly half a million people.

What can you do to address the threat?

It’s important to acknowledge that without proper education employees will not be aware of the potential security risks that they represent; by using a weak password they are actually giving access to hackers seeking an easy target.

Along with training, it is wise to use a password manager to handle credentials since using such software can protect your business or organization from weak passwords. These tools keep an eye on all existing passwords, their security level and lifespan, and will prompt for a password change if a weak password or security breach has been detected. Using the built-in password generator will result in a unique and cryptographically secure password for every account for every employee without the problematic need to remember it. The only thing employees need to remember is the master password that they create, and the password manager will take care of the rest.

1Password Teams is such a service. Along with creating an individual security vault for each employee, it helps business owners keep track of passwords, manage users, access levels, and much more. And it also contains a continuously updated database of hacked services and warns you if a password change is needed for an online service that the team is using.

By using a password manager you’ll have full control: a secure password policy can be created and no one will be exempt from its requirements. This means a much lower risk of a data breaches, less time spent on coming up with secure passwords and therefore greater productivity. And that’s what counts the most.