Please fill in the form below to subscribe to our blog

5 Ways to Better Secure Your Employees’ Passwords

April 10, 2017

As providers of comprehensive cybersecurity solutions, we’re often asked how an organization can better ensure that their employees are being safe online. There are numerous ways to prevent a data breach, from the implementation of a threat intelligence tool to network security protocols that screen your supply chain.

However, if you’re not educating your employees on the importance of cyber safety, then you’re leaving the back door wide open for hackers. Employee data may pose the highest risk for organizations, so it’s important to make sure there are security protocols in place, that employees stay alert to any potential scams and that everyone is prepared in the event that a data breach does occur. All of this starts with a safe password.

The Basics of Password Security

Here are several tips for securing your passwords. Keep in mind that all of these tactics can be defeated; the idea is to make yourself a hard target for the hacker to penetrate.

  • Use different passwords for all of your accounts. Ensure that you’re using more than just a slight variation on all of your passwords. If a hacker has a password for one of your employee’s accounts, the first thing they will do is guess variations for other accounts.
  • Use capital and lower-case letters, number and special characters in your passwords. The more variations of characters you use, the harder it is for a hacker to steal your password. Consider using a password tool to create and store your secure passwords. It’s very important to have a strong password to get into your password manager – otherwise you’re not securing your passwords.
  • Keep your passwords physically secure. It doesn’t do any good to create a secure password and then put it on your monitor with a sticky note.
  • Train employees to be alert to “phishing” attacks. Phishing attacks are emails that appear to be legitimate, but are used to access secure data like passwords. A typical phishing scam is to send an email telling the employee to reset their password for an account and giving them a hyperlink to do so. The reset requires employees to first input their current password. When they do so, they’ve given their password to the hacker. A thorough data security policy and appropriate training should be something that every employee needs to undertake.
  • Train employees not to use their business email address on third-party sites (like Amazon.) This is often the first step to having business data stolen. The hacker uses the business email and guesses variations of the password used on the third-party site to gain access to business networks.

While no policy to secure passwords is 100% secure, a robust password security policy makes it easier for hackers to look for someone less vulnerable. Try these tips to keep the wolves at bay and let us know if they’ve helped by tweeting to us @ID_Agent.