Every year on the first Thursday in May World Password Day promotes better password habits. This day is important as during the pandemic, cybercriminals have taken the opportunity to capitalise on cyberattacks. Our cybersecurity has become stretched to the limit with so many of us working from home. There is no doubt that remote working has relaxed effective password management.
Taking care of your passwords is vital to protecting yourself on a personal level and also protecting your business on a professional level. Hardly a day goes by without us hearing about a data breach. One of the most common causes of data breaches is believe it or not – passwords (over 80%)!
Think of passwords as your online bodyguard. They allow you to do everything from shopping to studying to viewing your bank details. Without appropriate protected passwords, your entire life is accessible by others.
Imagine losing access to your accounts and everything in it! So what can you do to protect yourself.
Do not use common passwords
If your password is ‘123456’ or ‘password’ – change it right now! These are the most commonly used passwords meaning if you use them, you have a high chance of getting hacked online. Also avoid using personal details in your passwords,
The more complex your password, the more difficult it is to be found. Make something up such as first letters from a sentence with a mix of numbers. An easy way to create uncommon passwords is to use the suggested ‘strong password’ that some platforms auto populate.
Do not use the same passwords for every log in
The idea of having one password for every account is tempting as it makes life easier. We have all been locked out accounts for forgetting our password.
The issue is that in doing this, you increase your chances of your data being compromised. If a hacker gets your password, they will have access to every account that you have! So, ensure your logins are unique for each account you have.
Don’t ignore suspicious activity
We all get lots of spam emails and it can be hard to know which ones are legit. If you get an email from your account provider notifying you of suspicious activity, don’t ignore it. Ignoring suspicious activity will put you at risk.
Check that the email sender is legit before you click on any links, you can even contact the provider via telephone to get confirmation. Once you have confirmed that the notification is legitimate, it’s likely someone is trying to hack your account. Use this opportunity to change your passwords to prevent an attacker gaining access.
Use multi factor authentication
Embrace Google Workspace’s two factor authentication (or any platform’s multi-factor authentication). This helps to protect you even if someone has your password.
Multi factor authentication works by requiring you to enter more than one way of identification before gaining access to an account. For example – the most common would be sending a security code to your smartphone or answering a security question on top of entering the password.
How Google Workspace two-factor authentication works:
It’s an extra layer of security to your Google account in case your password is stolen. You’ll sign in using two things, usually your password and a notification via your phone.
How to turn on Google Workspace two-factor authentication:
- Open your Google account
- Select Security
- Under “Signing in to Google”, select 2-step verification > Get started
- Follow the steps
Google will ask you to complete a second step to verify it’s you. We recommend you do this using Google prompts, not text message.
Google prompts are notifications you will receive on Android phones logged into your account or iPhones with the smart lock, gmail or google app that are signed in to your account.
(your school or business may need to do this for you if you are not using a personal account)
Once you have completed two factor authentication on a particular device, you can then choose not to use it again on that device. It will only ask for your password when you sign in. You will still be covered because when anyone else tries to sign in to your account from another device, two factor authentication will be required.
Ensure remote working is done securely
With the rise in cloud based applications such as Google Workspace and other collaboration tools, it’s important to educate employees on good cybersecurity practices.
Conduct regular awareness training of the risks and offer advice / ways to help keep them safe online. Encourage employees to check and change their passwords or even set up a system to force a password change regularly.
If you are looking for an external partner to provide cyber security training, reach out to us today. We would be happy to provide you with a complimentary consultation to help keep you and your organisation safe online.