Hey everyone, we have a password problem. This isn’t a new problem, but it is one that has stuck around. Several weeks back I wrote about the valid account problem that we have and how we may not even be aware of it. The valid account problem pertains to keeping unused user accounts open despite the user no longer being employed with us. Well the password problem is similar in that we often mismanage the passwords we use for our accounts.
Password mismanagement
Managing passwords can be difficult, especially when you have several dozen or more accounts to remember. Password reuse, using simple passwords, saving passwords on your computer, using a post-it note on your monitor, or sharing your passwords are all examples of mismanagement.
This mismanagement can lead to unauthorized access to your accounts. One of the main goals cybercriminals have is to obtain access to your accounts. Once they have access they can get your data and financials. Because of this, it is paramount we make it more difficult for them.
What you can do
One of the best tools in our resource bag is a password manager. There is a plethora of them you can pick from so I recommend trying a few out and seeing what you like best. Password managers allow you to more securely store your passwords in an accessible way. They also can create complex passwords for you, so you never need to think of one again. Once you have your credentials saved, password managers can help you quickly access your accounts, update your passwords, and even safely share a password if you ever need to. These are a great first step to securing your accounts.
Next on my list of best tools is multifactor authentication. This is truly one of the best ways you can minimize the chances a cybercriminal gains access to your accounts. Multifactor authentication or MFA, requires an additional step to authenticate into one of your accounts. This is usually through a push notification from an app on your smartphone, a one time expiring passcode from that same app, or a one time passcode sent to you via text or email. There are some other methods for MFA, but these are usually the most commonly used.
Most of our accounts these days offer some form of MFA and it is highly recommended to enable it. I strongly recommend MFA on your email, financial accounts, and any account with admin rights. This will add an additional layer of security with your password manager to help secure your passwords and accounts.
To learn more about protecting your small business from the password problem or to learn about more cybersecurity small business trends and topics visit Small Business, Big Threat.