Skip to content
CybersecurityRemote workTechnology

Encouraging Employees to Adopt Strong Password Practices Consistently

Internet security is a pressing concern, particularly for companies guarding sensitive data. Weak passwords, often used by employees, can pose a significant risk, making them a focal point for concern. A robust, secure password is crucial to safeguard data from potential breaches.

 and  Administrator
4 min read
Online security is of paramount importance, especially for companies, as they are at risk of data...
Online security is of paramount importance, especially for companies, as they are at risk of data breaches due to employees using inadequate passwords for their accounts. It is common knowledge that robust passwords are crucial to safeguarding information; however, many individuals still overlook this vital aspect.

Encouraging Employees to Adopt Strong Password Practices Consistently

Embracing solid password management techniques is a must for safeguarding user accounts, especially for companies tackle potential data breaches due to weak employee passwords. Yet, many employees overlook the importance of robust passwords, particularly when it comes to handling company data.

These security mishaps occur because employees prefer to bank on simple, easy-to-remember passwords to avoid the hassle of dealing with complex checks. As a result, password security remains a largely underestimated concern, leaving companies in a tough spot. The challenge lies in educating employees on the significance of employing powerful passwords across all systems they access.

Despite knowing the threats associated with using suboptimal passwords, employees continue to disregard this advice. The second problem lies in their approach to password reuse, as they employ the same passcode across various accounts, multiplying the danger of an extensive security breach.

To tackle this issue, companies must identify an effective strategy tailored to their employees' preferences and habits. In this piece, we discuss practical steps companies can implement to achieve the optimal level of protection in any given situation.

Consider a Disposable Password

Disposable or 'throwaway' passwords are typically linked with disposable email addresses. These email accounts come in handy when subscribing to feeds that generate an excessive amount of promotional emails. Since there's little value in the data associated with these accounts, passwords can be relatively insignificant if they're compromised and emails are accessed.

Password Phrase: A Stepping Stone

Length is a critical factor in ensuring password strength and resistance to brute force attacks, which involve computer programs attempting to crack passwords by generating sequential combinations. Experts advocate a minimum password length of 12 characters. However, this target can be challenging to maintain due to complexity concerns. A potential solution is to adopt a password phrase, but avoid using popular phrases, songs, or famous quotes to minimize the risk of cyber intrusion.

Patterned Password Phrase

Using a patterned password phrase offers an ideal blend of length and complexity, without causing memory challenges. Employees can adopt a common password phrase for multiple applications, making it easier to remember, but modify it sufficiently for each account to maintain distinctiveness. Encourage the use of a mix of upper and lowercase letters, as well as uncommon special symbols to augment security.

Combining Password Phrase with 2FA

Two-Factor Authentication (2FA) is essential for safeguarding sensitive accounts like finance and banking accounts, file-sharing platforms, etc. This measure is even mandatory for most work emails and applications related to work. The 2FA method involves sending a text message or email with an unlock key that the user must input every time they log into a sensitive account. Sometimes, biometric verification or specific tokens may also be employed for accessing sensitive accounts.

Utilizing a Password Manager with 2FA

Remembering unique password phrases with 2FA can become increasingly challenging as you manage access to numerous accounts, both personal and professional. One solution is to leverage a password manager to help users store and manage passwords more effortlessly. Password managers offer the added advantage of maintaining data in a centralized location, enabling companies to block all company-related access to an employee who leaves or is absent for an extended period.

Common Passwords: A Red Flag

Shared passwords pose an increased risk, as they become even more vulnerable when multiple users access the same account. Companies must make it mandatory to change the password every 90 days, if not 30, and update it when someone using the common account departs the company.

Neglecting password management is a significant contributor to data breaches across organizations. To combat this issue, companies must adopt user-friendly password management policies that prioritize both employee ease-of-use and enhanced data security.

Empowering Your Employees to Adopt Strong Password Habitsby Luke Bencie and Sydney Williams, HBR 2023/01

Share this:

  • Click to print (Opens in new window)Print
  • Click to share on LinkedIn (Opens in new window)LinkedIn
  • Click to share on X (Opens in new window)X
  • Click to email a link to a friend (Opens in new window)Email
  • Click to share on Facebook (Opens in new window)Facebook
  • Click to share on Pinterest (Opens in new window)Pinterest
  • Click to share on WhatsApp (Opens in new window)WhatsApp
  • Click to share on AddToAny (Opens in new window)AddToAny
  • Click to share on Pocket (Opens in new window)Pocket
  • Click to share on Reddit (Opens in new window)Reddit

Cybersecurity Is More Than Just a Tech Problem

While working remotely has become an accepted norm, safeguarding information within and outside the organization has become essential. This responsibility doesn't solely fall on the IT department, but it also involves top leadership and HR department participation. This process requires a complete overhaul of the organization's cybersecurity strategies[1][2][3].

In "HBR"

Inside Job: The Biggest Cybersecurity Risks Lurk Within Your Organization

As the acceptance of digital technologies continues to grow in the workplace, the susceptibility to cyber attacks is likely to increase. With more employees using digital programs for creating, sharing, storing, and managing data, the security risks escalate[1][2].

In "HBR"

Embrace a Cybersecure Workplace Culture Across Your Organization

Everyone acknowledges the importance of cybersecurity, but creating a genuinely secure workplace is no walk in the park[4]. New vulnerabilities trickle in each day as hackers keep discovering new ways to break through organizational defenses. While technology can assist in extending security perimeters, it's essential to focus on cultivating a security-conscious culture in the organization[5].

In "Others"

The article "Empowering Your Employees to Adopt Strong Password Habits" highlights the significance of disposable passwords, password phrases, and two-factor authentication in cybersecurity. To address password security concerns, companies must create a strategy that considers employee preferences and habits, such as adopting patterned password phrases or using a password manager with 2FA.

Ineffective password management continues to jeopardize data security, particularly in the context of remote work. Therefore, focusing on user-friendly password management policies that prioritize both employee convenience and enhanced data security remains crucial for organizations today.

Read also:

    Related

    Latest