Most businesses, both small and large are still using archaic methods of keeping and managing their employee and business passwords. From using sticky notes to using an excel doc I’ve seen it all. Unfortunately, this isn’t the only issue we see with small business owners including using easily guessable passwords, for critical systems that hold: Social Security Numbers (SSN), business credit cards, personal credit cards, intellectual property and so much more. These guessable passwords could be guessed within a matter of minutes by a single competent hacker.
So what’s the easiest and the best solution for password management? Our suggestion is to start using either a self-hosted password server (such as BitWarden) or a cloud solution such as LastPass. Both have the ability to use a Master Password along with 2FA (2-factor authentication) which will help prevent any unwanted access to your precious passwords and secure notes.
These solutions mentioned can assist with generating secure passwords which are randomized and with a length of 12+ characters will take a powerful computer over 200 years to solve for your passwords. We recommend at least 12 characters as even an 8 character password would only take 5 days. In general, the longer and more complex a password is, the longer it would take to crack it. When you start using a password manager don’t forget to change EVERY password to something different, as using the same password for multiple logins is just as risky because if one of those websites or applications have a breach on their own, and the hackers are able to receive the password from one database, that means they could attempt to use it on other sites (this is becoming more frequent with companies not protecting their systems properly – don’t put your businesses safety at the whim of incompetent database managers)
Example: If your password is your dog’s name (fido12345!) this password is inadequate as hackers are getting smarter. Using social engineering strategies to help assist in the speed of guessing what your password is. For example, a hacker might search for you on Facebook, creating a list of your posts and deciphering names and important phrases, using fido as your dog’s name in a brute force list which heavily speeds up the time for a computer to guess that ‘12345!’ comes after your dog’s name. This is why using randomized passwords is the best method in preventing hackers from accessing your data, along with a secure password manager such as LastPass.