Cyber Tips

New year new password: why password hygiene should top your 2023 resolutions list

Cyberthreats are borderless and today’s consumers and businesses have a higher chance of becoming the victim of cybercrime rather than experiencing physical losses due to a flood or a fire.

Consumers and businesses need to set strong passwords and practice password hygiene

Cybercrime is becoming one of the biggest continuous threats to consumers and businesses alike and the threat continues to be on the rise. Every year that passes is setting new records for cybercrime activities, as the average costs associated with cybercrime are expected to rise 15% until 2025, costing consumers and businesses $10.5 trillion dollars annually.

Cyberthreats are borderless and today’s consumers and businesses have a higher chance of becoming the victim of cybercrime rather than experiencing physical losses due to a flood or a fire.

One of the best ways that consumers and businesses can protect themselves from cybercrime is by practicing good password hygiene and by investing in cyber insurance for their home or SME. Recent data from Verizon reveals that more than 80% of data breaches are a result of weak or compromised passwords, so it’s important that they are regularly updated per best practices to minimize these risks.

Read below about how you can ensure your passwords meet today’s security standards and our recommendations on how you can easily manage multiple secure passwords.

Why password safety needs to be prioritized by businesses & consumers

While passwords are a necessity to access many online and digital services, they are by no means foolproof. Former US Secretary of Homeland Security Michael Chertoff called passwords “by far the weakest link in cybersecurity” way back in 2016, and this statement continues to hold true today as hackers and cybercriminals get more sophisticated in their social engineering and phishing techniques.

With today’s technologies, hackers can crack a five character password instantly, however, there are ways for business and individuals to better ensure password safety. For example, technologies like MFA (Multi-Factor Authentication), authenticator apps and password managers are widely available and they significantly reduce the risk associated with single-point password use.

What is MFA?

According to TechTarget, Multi-Factor Authentication is a security technology that requires multiple methods of authentication from independent categories of credentials to verify a user’s identity for a login or transaction which combines two or more independent credentials like a password, security pin or biometric data. MFA is particularly important if your organization uses single sign-on (SSO) technology as it makes the entry point to your systems much more secure.

What is an authenticator app?

An authenticator app is a software tool that can be installed on a smartphone, computer or tablet to help implement multi-factor authentication (MFA) and secure access principles, whether for personal, educational or corporate use per Duo Security.

What is a password manager?

A password manager is a software tool designed to store and manage your online credentials in an encrypted database that is locked behind a single secure password. The benefits of password managers include convenience, strong password suggestions as well as ongoing phishing and security monitoring, among other services.

Why you need to create unique and strong passwords in 2023

Data from the 2019 Google Online Security Survey found that 52% of people reuse the same password for multiple accounts – and guess what? Hackers also know this information and will take advantage of known passwords across popular business and consumer accounts.

While passwords are regularly stolen, this doesn’t mean that they can be accessed by cybercriminals. For example, compromised passwords may be available on the dark web years or months later after the date they are stolen, or they might still be encrypted. This is why we recommend regular password updates every 3 months if you can’t use MFA.

Here’s how to create a strong password:

Password Dos Password Don’ts
  • Create passwords with at least 12 characters using uppercase and lowercase letters, numbers, special characters and spaces.  See how long it takes to crack an 8 character password vs. a 15 character password via this chart.
  • Use a password management tool.  Password management tools also have alert and monitoring systems built into them to pro-actively keep your passwords safe. We recommend LastPass and 1Password.
  • Always use MFA when setting up your personal and business accounts. The extra few minutes are worth it to protect your online security.
  • Re-use the same passwords across business and personal accounts.  This puts both your personal information and employer at risk.
  • Keep passwords the same for years. Get in the habit of using the new year as an opportunity to consistently update your passwords.
  • Have short and simple passwords with 5 characters or less.  Hackers can decode them instantly with today’s technology.

We also recommend that you regularly visit the website www.haveibeenpwned.com to see if your personal information or passwords have been compromised. Any accounts that have been compromised or where the password is reused should be updated accordingly or deleted to protect your online identify.

What does the future of passwords look like?

Consumers, employees and IT teams are getting fatigued with password use and hygiene; and tech giants like Apple, Google and Microsoft are offering password-less access to some of their consumer and enterprise products leveraging today’s technology.

For example, at Microsoft, customers don’t need to access services like Windows, Xbox and Microsoft 365 using passwords, and can instead use the Microsoft authenticator app or biometrics like fingerprints and/or facial recognition technology. And nearly 100% of the company’s employees use password-less technology to access their corporate accounts. Google also has a similar approach to their products and services through their authenticator app and MFA technology.

While the future of a password-less society looks promising, widespread adoption lags and there are still risks associated with using these newer technologies – as hackers can potentially intercept MFA codes or steal biometric data. That’s why we recommend regular password hygiene in addition to purchasing our all-in-one cyber protection insurance within our Cyberboxx Home and Cyberboxx Business products

 

Cyber insurance and protection for homes and businesses

Cyber Tips Gift card scams are on the rise among consumers

Gift card scams are on the rise among consumers

Gift card scams are on the rise and cost North Americans at least $148 million in the first 9 months of 2021. Here’s our advice on how you can prevent and resolve these types of scams as they happen — and how to keep your finances safe.

07/12/2022
Cyber Tips Important cyber tips for tax season

Important cyber tips for tax season

Tax season can be a stressful time for many Canadians and while scams are prevalent year-round, there is often a greater proliferation during tax time. Hackers are waiting for you to slip up so they can steal your personal information, money and identity.

05/04/2022

Sign up for the BOXX Insurance Newsletter

Get the latest updates about Cyber Insurance and Protection with our newsletter.