With the evolution of the internet of things, systems and software available to businesses around the world, there are many times a day where we need to input a password. But how strong is your organization’s password security and what can you do to take it to the next level?
3 Reasons You Should Stop Relying on Passwords
Single-factor authentication (i.e. usernames and passwords) on their own are not sufficient to protect from threat actors. Let’s take a look at some of the major risks to using a standard password system.
1. Password Reuse
It’s hard enough to remember one random, symbol-filled alphanumeric password, let alone a different one for every platform you use across the web. All too often people resort to reusing passwords. This becomes a major problem when one of those platforms is compromised. If that same password was used to access a corporate resource, such as email or VPN, your organization may be vulnerable.
2. Social Engineering
The amount of personal information on the internet serves as great fuel for hackers who rely on social engineering to gain access to passwords or the accounts they are supposed to protect. Hackers research their target and use the information to stage a customized attack. Whether this is in the form of a phishing email specifically designed to seem legitimate to the recipient, or gathering enough information to impersonate the target to bypass security questions, social engineering is increasingly in the news and presents a large threat to users relying only on passwords.
3. Form-grabbing Malware
Form-grabbing malware can be used to collect authorization and log-in credentials via a web form, such as an employee’s username and password, and gain access to the company systems such as a VPN. By retrieving this information before it is passed over the internet to a secure server, the malware is able to avoid HTTPS encryption.
How Strong Are Your Organization’s Passwords
You probably want to start by considering how strong your organization’s password security is currently and what you can do to improve password hygiene within the company.
Okay, you can’t exactly go around asking all your employees…