Are your staff using proper password practices?

Company email accounts are frequently targeted by cybercriminals for the valuable information and access they offer.

Accounts are storehouses of sensitive information, ranging from company finances and account details to customers’ personal data. Enterprise owners are responsible for safeguarding private information in their care, and all that often stands between hackers and a data breach is an email password.

As a result, it is vital that best password practices are adopted at your firm. Instead of allowing staff to select their own, issue them to ensure they are complex enough that hackers can’t crack them, and change them regularly but randomly.

Left to their own devices, employees often pick simple passwords to recall that feature easy to guess or personal information. When you create passwords, ensure they are lengthy but not too difficult for your team to remember. The National Cyber Security Centre (NCSCs) advice to accomplish this is to select three unrelated words and combine them to make one password.

Never use the same password for multiple email accounts or for other secure areas of your system. That way, if a compromise occurs, you can limit how much access attackers can obtain. Additionally, set up multi-factor authentication (MFA) on your company accounts so that even if threat operators get a password, they cannot enter accounts. MFA options include a PIN sent by text to an employee’s phone, or biometric data like a fingerprint or retinal scan.

For advice and support on all things cybersecurity, reach out to our experienced team at 127 Solutions.