It’s World Password Day, though we’re sure you knew that, right?
Let’s be honest, passwords are one of the necessary evils of modern life. We need them, but we rarely think about them. Yes, we’re constantly creating, remembering and resetting our passwords, but we rarely consider whether they are actually any good at the job they’re meant to do.
Stats suggest they aren’t. Thanks to cybercrime, fraud is now the most commonly experienced crime in the UK. Many cases go unreported – even undetected – and high-profile hacks hitting headlines are just the tip of the proverbial iceberg.
In short, hackers are after your data, and you’re probably making it too easy for them.
If there’s an easy pattern to your passwords, or you reuse them across multiple accounts, it could take just one data breach on a seemingly innocuous website for hackers to start building a detailed picture of who you are, where you live, where you work, and so on.
Your password behaviour could even be putting your company at risk.
Hackers can find creative ways into workplace IT systems. A chain is only as strong as its weakest link and all they need is one vulnerable point (you) before it’s a hop, skip and jump to your company’s precious data.
Viewed through this lens, is it time internal communicators started taking passwords a LOT more seriously – both as a topic for communications, and in terms of protecting our digital publications?
Password protection is still seen by many in our industry as an (unnecessary) barrier to entry. The argument we often hear is: “You could easily leave a printed company magazine on the bus, so if there’s no sensitive information in the digital magazine, what’s the point of a password?”
That’s a sound argument for leaving access open, and, counter intuitively it’s probably a better option than having password protection on a low-level secured site that is hackable.
Once you add passwords to the mix, you’re essentially giving hackers something of value to steal, so if you do need password protection, a word of caution: make sure you do it properly.
That means taking the issue seriously, engaging with your IT team to synchronise access with your Active Directory, enforcing secure passwords and even considering two factor authentication if you want extra peace of mind when you lay your head to rest at night.
Any tech expert will tell you that the most vulnerable point in an IT system is the people who use it, so perhaps it’s time to beef up your password security: