Passwords Are Your Best Cyber Protection, But Are You Using The Best Ones?

A recent survey shows that internet users continue to prioritize convenience over cybersecurity.

Ponemon Institute's 2019 State of Password and Authentication Security Behaviors Report found that the majority of people think managing their passwords is "too difficult." According to the survey, respondents spend an average of 12.6 minutes per week entering or resetting passwords.

Among respondents, 69 percent said they share their passwords so their colleagues can access accounts. Fifty-one percent reuse an average of five passwords for both personal and business accounts. Over half—55 percent—of respondents never use two-factor authentication at work.

According to the survey, 57 percent of those who experienced a phishing attack did not change their password practices as a result. Mekhala Roy "Ponemon study: Poor password practices remain rampant" searchsecurity.techtarget.com (Feb. 15, 2019).

Commentary

Innovators are working to eliminate passwords, but for now passwords are your most important tool in protecting your personal information and your employer's private organizational information from cybercriminals. 

Using a strong, unique password for every account is essential. If a cybercriminal steals your password in a data breach and you use that same password for multiple accounts, the hacker can now access additional amounts of your data.

However, you do not have to rely on your memory to keep track of hundreds of unique passwords. There are tools you can use to make good password practices more convenient. Password managers allow users to create hard-to-crack passwords for every account and still easily keep track of them. If you write down passwords, make sure to store them in a safe. Never store passwords in an unencrypted document on your computer, which is easy for hackers to steal.

Also, take advantage of available technology that provides additional protection beyond passwords. Enable two-factor authentication whenever possible. Two-factor authentication can prevent a hacker who successfully steals your password from accessing data stored in online accounts.

If you do not properly protect data, you leave it vulnerable to hackers. Cybercriminals who access private information can use it to commit identity theft. Recovering from identity theft takes time and money - far more than putting some effort into protecting information with strong password practices.

Here are some types of data cyberthieves target to steal:

  • Bank and financial account numbers
  • Credit card numbers
  • Stock account numbers
  • Retirement account numbers
  • Loan or line of credit numbers
  • Social Security numbers
  • PIN numbers
  • Login or user names
  • Passwords
  • Driver's license numbers
  • Health insurance information
  • Health records
  • Birthdates
  • Email addresses
  • Personal addresses
  • Telephone numbers
  • Private images
  • Trade secrets
  • Customer lists
  • Customer credit card and financial account information
  • Business plans
  • Business processes
  • Any other type of financial or other account information
Finally, your opinion is important to us. Please complete the opinion survey: