Passwords are designed to give you access to an online world while protecting your information. However, with threats looming large, this first line of cybersecurity defense is becoming a weak spot that can have dire consequences if left unaddressed.
Relying on passwords for security has become increasingly problematic. Devising and remembering a complex password for every account and website is virtually impossible on your own. Yet using weak and simple passwords is a recipe for data breaches, account takeovers, and other forms of cyberattack.
Reports tell us about the situation…
For its report “The misfortunate passwords of Fortune 500 companies,” NordPass researchers analyzed data from public third-party breaches that affected Fortune 500 companies. The data included details from more than 15 million breaches across 17 different industries.
The researchers looked at the top 10 passwords used in each industry, the percentile of unique passwords, and the number of data breaches that hit each sector.
The word “password” is still being used and misused as the most common password across all industries, including retail and e-commerce, energy, technology, finances, and even IT and technology. Among other passwords in the top ten list, some common choices were “123456,” “Hello123,” and “sunshine.”
According to a Verizon report, more than 80 per cent of data breaches result from weak or compromised passwords, creating the likelihood of an ongoing vulnerability regardless of how much technology is deployed to defeat hackers.
Certified cybersecurity. Multifactor authentication
Education and awareness are becoming more crucial in cybersecurity, especially in SMEs.
Two-factor authentication is great, but you need to educate people about it, because most employees complain about it.
The term “two-factor authentication” refers to a second step to confirm who you are. An additional layer of protection will, by default, provide more security than a single barrier.
The easiest way to “lock the door” on technology is employing multi-factor authentication. This security measure requires users to present at least two pieces of evidence before gaining access to a server, device, database or software program. A cybercriminal who has obtained a user’s login and password, for example, would still need to have access to that person’s unlocked cell phone or email to obtain a time-sensitive verification code.