We all use passwords on a daily basis. A website behind a password protected page is the ubiquitous sign that our data should be safe. If we take a step back, what is a password? It is a secret we decide to share with a website so they can use it to confirm we are who we say we are. And we trust that website with that secret.
a secret word or phrase that must be used to gain admission to a place.
the process or action of verifying the identity of a user or process.
Source: Oxford Languages Dictionary
Unfortunately, as we all know, our passwords and our data are coveted. Malicious actors have several weapons to their arsenal, for example:
Being aware of these attacks can help us create passwords that are more secure. Easy to guess passwords carry additional risk - but who has a good enough memory to remember a sequence of 20 random characters?
Having a unique password reused across several websites means you trust each of these sites to have appropriate protection measures that can keep your secret safe... I’m sure we all know what tends to happen when a secret is shared with a number of different parties - it doesn’t stay secret for very long.
Finding the right balance between password complexity and not reusing passwords for websites that store valuable information is a challenge. We wouldn’t recommend writing passwords on post-it notes or in a mypasswords.txt file on your desktop either, for obvious reasons.
So what would we recommend?
Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.
Ultimately, all websites know that you can forget passwords, so not remembering a complex password should not be a big issue. In reality, you could even try to not remember it at all and reset the password whenever needed. This is not the most practical solution but it relieves your memory from remembering complex passwords.
Our portal helps you maintain strong and secure passwords in a number of ways:
1. Helping you implement a strong password policy through our IT Policy generator which follows best practice and is included in subscriptions. A strong password policy gives guidance to your team to enforce the use of strong passwords which are more resistant to hacking attempts.
2. Helping you generate strong passwords through our strong password generator included in our subscriptions. Our secure password generator automatically checks against a database of known breaches, reducing the chances of you using a password that is already in a breach.
3. Sending you data breach notifications that impact your staff's email addresses members. Our dark web monitoring service included in Level 2 of our portal (Advanced Security) alerts you if any of your team members passwords have been compromised in public data breaches. If any of them have been compromised, instructions can be sent to your staff members from our portal, advising them of what to do.
4. Helping you implement 2FA centrally for emails. Ousubscriptions incorporate a tutorial on how to implement 2FA for your emails centrally, which is also a requirement to obtain the Digitally Aware certificate.
Start protecting your accounts with secure passwords by creating a free account here.