Before the Time Runs Out!
Riddle Me This, Dear Reader,
What Do These Little Threads Share?
I’ll tell you in a minute. A secret. A code. A… 12345. Uh… password.
I’m lucky to work with a team of password management rockstars because I’m about as QWERTY as it gets when it comes to password history. One of my network admins once scolded me for choosing “password” to access a vulnerable system, and I’ve depended on multi-factor authentication and other cybersecurity tricks ever since. If you’re shaking your head at me over my password management talents, then let’s take a quick look at the most common passwords of 2018: 123456, password, 123456789, 12345, 111111, 1234567, sunshine, qwerty, iloveyou.
Password proliferation has become the norm. With every new app, website and device that we commandeer, there’s new access information created. Moreover, many of these systems require a periodic reset. Keeping track of all of these passcodes can be likened to taking a mnemonic census of an anthill.
Archimedes once said that if only he had a solid rock on which to stand, he would move the earth.
If you assume that your passwords are a firm footing, prepare to have your assumptions rocked. It is believed that up to 80% of common hacking activities are due to compromised credentials, mostly in the form of stolen usernames and passwords. Worse still, IT Managers report 73% of all passwords used are duplicated in multiple applications.
When people use the same password for multiple systems, having one password exposed may compromise the whole network of applications. Luckily, password management doesn’t mean you have to buy a walk-in safe to store your password diaries. To keep it simple, here are a few tips to memorize as a starting point for improved password management:
- Never use the same password twice
- Never write down your passwords
- Never share your passwords with anyone else
- Never use real words or known information about yourself in your passwords
- Avoid commonly used passwords
The last bullet is especially salient—50% of all attacks involve the top 25 most used passwords, proving there are risks involved in “getting qwerty” with your password management procedures.
Need a more sophisticated password management plan?
Let’s talk password management solutions and multi-factor authentication, two great ways to prevent getting hacked.
Password Manager: A password manager solution, such as SolarWinds’s PassPortal, allows you to store all of your passwords in one place. This makes managing and remembering all of them much easier. Make sure your password manager solution is itself password protected, preferably with multi-factor authentication.
Multi-factor authentication: Multi-factor authentication is the use of additional forms of authentication in conjunction with a traditional password. This most often takes the form of a shared key, sent to a separate device, or calculated through a common authentication application. This makes it difficult for a compromised password to compromise the application. Enable multi-factor authentication wherever possible, but make sure your secondary authentication source is equally secured with a strong password—failure to do so is like having a biplane write your shared key in the sky.
Random password generators can also help create passwords, but the results are often long random jumbles of characters and quite difficult to remember. Unless you can recite the longest word in the world from memory, you might want to use these password management tools in conjunction with a password management solution.
If you’re a business owner trusting dozens or hundreds or thousands of employees with sensitive information, then a managed IT solution that includes password management will definitely be the safest way to interact with the millions of letters, numbers and characters that are involved in the multitude of passwords that access the data of your systems.