In a recent global research by Lenovo, a majority of employees surveyed believe the COVID-inspired shift to working practices may have a long-lasting impact on how employers view remote-work policies.
With more people working remotely, many more remote devices will be connecting to businesses’ networks – often via VPN – than ever. This increases the likelihood of employees using unsecured WiFi connections.
Alarmingly, this coincides with observations of a surge in hackers taking advantage of the pandemic in Australia. With hackers becoming more sophisticated than ever thanks to evolving technologies, businesses need to take a proactive stance when it comes to educating staff on what exactly is meant by a “secure password”. This information is increasingly vital in a time when there are heightened risks to security and crisis scams abound.
The first step in creating a strong password is knowing what a weak one looks like. Often, weak passwords include common words or phrases that are easy to guess (especially by someone who knows you), are short or can be easily deciphered.
Recently, an Australian defensive cyber researcher was able to penetrate the World Health Organisation’s (WHO) systems using an old database of emails and passwords leaked online. Robert Potter observed that forty-eight WHO employees have “password” as their password, one of the most common, and most commonly hacked, passwords out there.
Here are a few more examples of weak passwords, and password characteristics, that you should avoid:
An easy and clever way to devise a memorable, yet secure, password is phrases. The length of this phrase is important as each character you add makes it that much harder to crack with brute force tools. Be sure to include spaces into your password if the site allows.
One of the most basic cyber hygiene practices is to refrain from using the same password for multiple sites or platforms. When Disney+ launched late last year, Australians had their accounts compromised despite there being no evidence Disney suffered a direct security breach. If one site falls victim to an attack and your credentials are sold on the dark web, any hacker can purchase this information to hack another service.
Once you’ve landed on a password there’s only one step left: making sure you keep your new password secure. Password maintenance is a crucial component of password security, so here are a few things to keep in mind in order to keep a strong password secure:
Tyler Moffitt, Security Analyst, Webroot