Blog: Why do I need to worry about passwords in my business?

Passwords are essential, but why? Why do you need a strong password to keep cyber criminals from your accounts?

A recent report by Bitwarden revealed that 86% of us still reuse passwords across multiple sites, and just 37% use password managers.

Why should you not reuse passwords? And what is a strong password?

It’s crucial for us all to ensure we aren’t reusing the same password across multiple systems, devices and accounts. Once that password has been compromised on one system, the rest can follow like a row of dominoes.

If someone compromised your Twitter account password, which was reused on your work email or bank account, you could fall victim to other scams or fraudulent account activity. For example, if they are inside your Twitter or email account, a criminal could post emails and messages pretending to be from you.

The National Cyber Security Centre describes a strong password as a combination of three random words, creating a password that’s long enough and strong enough. For example, ‘RoosterGravyChimney’. You can also use a password manager to create strong passwords for you (and remember them).

If you have a weak password, it can be cracked in seconds. The longer and more unusual your password is, the harder it is for a cybercriminal to crack.

As a business owner, your accounts will likely hold personal data about customers and suppliers, your business and its finances. Choosing one single password for all your accounts could put your business at more risk of a cyber incident, where this data could be stolen.

The aftermath of a cyber incident may put your business at legal or financial risk, create negative PR and be at risk of breaking the General Data Protection Regulation (GDPR).

Your staff should also ensure they are not storing their passwords near their devices and are locked away or turned off when not in use.

Why would a criminal want my passwords?

For cybercriminals, obtaining your password is similar to a criminal stealing the front door key to your house or office. A password is the key to the front door, and once inside, they have full access to the contents of your business.

Why do criminals want to access my emails?

If a cybercriminal gains entry into your email inbox, they could reset your passwords from other accounts using the ‘forgot password’ feature or access information about you and your business.

For example, do you have emails with your accountant discussing finances and invoices? Or do you have email conversations with clients that disclose personal financial details?

How can I strengthen the security of my email accounts and social media?

• Use a strong and separate password for your email.
• Your passwords should be strong and different from all other passwords. This will make it harder to crack or guess.
• Using three random words is an excellent way to create a strong, unique password that you will remember.
• Remember to protect your other important accounts, such as banking, online stores and social media.

Why should I use a Password Manager?

The idea that password managers are unsafe for use is a common myth, which is understandable. To most, password managers appear to be a single point of failure; if they get breached or hacked, all my saved passwords get exposed too. This, however, is different; password managers use very sophisticated levels of encryption to ensure that threat actors are not successful in viewing any of your passwords even if they gain access to data.

The National Cyber Security Center (NCSC) says, ‘Password managers are a good thing', which comes as no surprise when you look at their advantages.

• They help to reduce the number of passwords you have to remember to just one, the master password for the manager itself
• They allow you to generate secure passwords for new accounts
• They allow you to store passwords across all your devices securely
• Many standalone password managers are available on the market to choose from and even built into your internet browser - many employees find this more convenient.

Don't wait until it's too late to prioritise cyber security in your business - invest in it now to protect your business and your customers. Start your journey to becoming more cyber secure by contacting the North West Cyber Resilience Centre today. Free Membership and more information can be found alongside a range of free guidance and support.