Story image

Expert offers password tips to aid a stress-free sleep

15 Mar 2019

The 15th March marks a day that you might not have been aware of - World Sleep Day.

For many people, the worries of the day can often crawl into night-time routines and cause lost or disrupted sleep - and a perfect example of that is those that work in the cybersecurity industry.

Ever-changing threats, almost daily news of breaches, and the constant and relentless risks for businesses.

According to LogMeIn, almost  over 271 thousand records are breached every hour, adding to 2.1 million records in one night’s 8-hour sleep - pretty good cause for late night stress among cybersecurity professionals.

LogMeIn chief technology officer Sandor Palfy says given the magnitude of the situation, it’s surprising to consider that the cause is a relatively simple act that everyone is familiar with, as 81 percent of confirmed data breaches are caused by passwords.

So in light of World Sleep Day, Palfy has shared his best practices for password management to perhaps enable a better sleep among cybersecurity professionals.

Require strong passwords for every account

“The most secure passwords are at least 18 characters and include a mix of numbers, letters and symbols. Short, easy-to-remember or default passwords are not secure and can be easily cracked by hackers,” says Palfy.

“It’s also imperative that then these passwords are not re-used on multiple other online accounts. Putting password strength policies in place in your organisation will help prevent weak password creation and reuse.”

Password management

“Given that the average person has 200 passwords to keep track of, there can be strong reluctance to create unique, complicated passwords for every online account that are updated much more frequently. To that end, a password management tool can be used to generate and store secure passwords,” says Palfy.

“A password manager can also help identify passwords at greatest risk and automatically update them as needed, removing the chore from employees. Once employees begin to use the password manager as part of their daily workflow, they will start replacing their short and repeated passwords with long and unique ones.”

Train employees on proper password management

“It may surprise (and anger!) some IT professionals that employees often use the same passwords across professional and personal accounts – 59% have reported mostly or always using the same password,” says Palfy.

“Employees should be trained on the risk involved with reusing passwords and be advised to use unique passwords for each account.”

Be careful when sharing passwords

“Sharing passwords in the workplace is inevitable, but you should never share those passwords via email or text. You always want to limit the exposure to a password and thus limit its vulnerability to hacking,” says Palfy.

“This includes storing multiple passwords in an easily-accessible document, which again is common practice with 42% reportedly keeping passwords in a file on a mobile device, word document or Excel spreadsheet. Using a password management tool to help you securely share access to passwords is your best bet.”

Implement multifactor authentication (MFA)

“MFA is one of the most effective ways to add another layer of security to password protected accounts,” says Palfy.

“Even if a hacker obtains a password, they will still have to provide an additional factor before breaching the account. Multifactor authentication adoption is still relatively low and should absolutely be considered by more organisations.”

Palfy hopes that these tips help for this World Sleep Day, as everyone deserves a good night’s sleep at the end of a long work day.

Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
One Identity named Leader in PAM and IAM by KuppingerCole
KuppingerCole lead analyst Anmol Singh evaluated the strengths and weaknesses of 20 solution providers in the PAM market for the report.
Healthcare environments difficult to secure - Forescout
The convergence of IT, Internet of Things (IoT) and operational technology (OT) makes it more difficult for the healthcare industry to manage a wide array of hard-to-control network security risks.
Bitglass appoints new cloud, business development leaders
The cloud security company has appointed vice presidents for worldwide channels and worldwide business development.