Directive Blogs
Tip of the Week: What to Do When Passwords “Don’t Cut the Mustard” Anymore
Virtually every kind of online account requires a password. Yet, due to the aggressive nature of hackers, passwords alone are no longer enough to protect your information. The best way to approach network security is to have more protections in place than just a flimsy password.
Why Aren’t Passwords Good Enough?
Today’s hackers have an arsenal of advanced tools they can use to crack a password. Here are just a few:
- Brute-force attacks: This is where thousands of different passwords per second are tried in an attempt to enter the correct one. When it comes to hacking, instead of thinking about a lone hacker sitting at a keyboard typing one password after another, picture an automated process driven by powerful computers, leaving the hacker to sit back and take it easy.
- Infiltrating databases: With so much information stored in the cloud, like passwords, hackers are targeting Internet-connected databases like never before. Unfortunately, stories of major database hacks are a common sight in today’s headlines.
- Social engineering tactics: With the rise of social media, personal information is being shared over the Internet in a variety of ways. Hackers love tricking people to fork over their personal details about their lives, because these details are often associated with a user's password. This is why your password shouldn’t be something publicly known, like the name of your pet or child.
Due to factors like these, selecting a password has become challenging. For example, it feels like you only have two options when it comes to your passwords; 1) Come up with a password that’s easy to remember (and have it be prone to hacking), or 2) Have the password be long and complex, thus making it difficult to remember.
Passwords Need Some Help
Passwords are still a key part of the security equation, but they shouldn’t be the only part. This is where two-factor authentication comes into play, requiring a second form of authentication after the password is successfully entered. Many of the additional authentication options available to users lie outside the grasp of hackers, like an SMS message with a unique code sent directly to the user’s cell phone.
Another way to protect your information is monitoring your account’s access logs for any suspicious activity, like a new user logging on from somewhere in the world that makes no sense. Monitoring your network like this is just one way that Directive can proactively secure your data. This way, a hacker who has successfully stolen the correct password will still be flagged and subsequently blocked from doing any damage.
In addition to two-factor authentication and monitoring access logs, you should take advantage of an enterprise-level password management system that stores all of your passwords in a secure application, and then automatically plugs them into accounts so that you don’t have to keep track of complex passwords. This is in addition to a comprehensive network security solution like a Unified Threat Management tool.
For more information about password security best practices, give Directive a call at 607.433.2200.