Go Back Arrow

Common Password Habits You Need To Break Today

Despite it being a bit annoying when you forget them, passwords are there to keep our data and personal accounts secure from prying eyes. However, no matter how well you think you might manage your passwords, there are some easy traps to fall into. Today, we’ve rounded up the most common password mistakes and we’re offering some solutions that you can implement from tomorrow.

Written by Courtney Farrow

January 2019

Mistake 1: Creating one password for everything.

Using the same password for every account – or even a few of your accounts – is dangerous.

Why?

Because if a hacker uncovers one password, they’ll have instant access to all of your accounts.

Of course, if a hacker discovered any password, it wouldn’t be ideal, but if all of your passwords are unique, their access stops at one account, rather than spreading across your social media, emails, bank, Paypal – you get the picture.

Solution:

The average person has at least 90 online accounts, so it’s fair to say it would be impossible to remember almost 100 unique passwords. A secure, encrypted password manager like LastPass or DashLane, can save you the trouble and keep your accounts secure.

Mistake 2: Sharing passwords.

We’ve all done it. A colleague asks you for access to an account, whether that’s the company’s Twitter account or a piece of software that they don’t have access to.

However, it’s crucial to monitor and limit who has details for any account to avoid a security breach.

Solution:

You shouldn’t really share passwords with anyone, but one solution to this could be to set up a temporary password for the time a user needs to access it.

Again, LastPass boasts a nifty feature that allows you to securely share passwords inside and outside of your organisation.

Note: You need to be wary of phishing scammers in this instance. Many online con artists frequently pretend to be colleagues via email or over the phone in order to get you to share login details.

We’ve written a whole blog post about how to spot a phishing scam here.

Mistake 3: Leaving your passwords on a Post-It.

Remembering all of your passwords can be a pain, so it’s tempting to write them down in a notebook, on a Post-It note or save them on a spreadsheet.

Obviously, this isn’t secure at all. If your passwords are saved on a sticky note that is adhered to your monitor, anyone who sits at your machine can now access your account. Not to mention the chances of losing a flimsy bit of paper are fairly high.

Solution:

Manage your passwords securely with an encrypted tool such as LastPass and save your sticky notes for other, less risky, reminders.

Mistake 4: Using an obvious password.

Nowadays, many companies won’t let you sign up for an account unless you have a combination of characters, numbers and obscure punctuation marks. But, on top of this, it’s important to avoid phrases that are obvious, such as ‘Password1’ or anything including your name or your company’s name.

Solution:

The best way to do this is to use a password generator, or create a ‘passphrase’, such as “S1A&tbMISPitW!”, which stands for Singularitee is awesome and the best Managed IT Services Provider in the world!

That’s not one of our passwords by the way…

You can check the strength of your passwords with this handy tool from Kaspersky.

Mistake 5: Turning off Multi-Factor (MF) Authentication.

It can be a bit tedious having to reach for your phone or another device to retrieve a code that confirms who you are, but MF (also known as Two-Factor Authentication) provides an extra layer of protection that decreases your risk of getting hacked.

Solution:

Be sure to look at the privacy and password settings of all of your accounts and switch 2F Authentication on, as many companies are now offering this option.

On top of this, look into tools like Google Authenticator and Authy – these services link up to your accounts and provide you with a code on a second device that changes every few seconds.

Passwords are a dying breed.

If you find passwords a pain, then you’ll be happy to know that many tech companies are now moving away from them and developing technologies that allow you to log in with your thumbprint or only log in once to access a range of services.

However, passwords are still something that you need to be concerned with today in order to keep your business secure tomorrow.


Have any questions regarding security or IT issues? Please don’t hesitate to get in touch right now.

Expect more from your IT company

Don't let your IT go to waste, make the most out of your technology through our guidance, advice and services.