We are constantly being asked to input passwords at work.
Sometimes there has to be a capital letter, sometimes a number, then you need a symbol.
It can be bewildering.
However, making passwords safer is not as difficult as you might think.
We take a look at how criminals get hold of passwords and show you how to better protect yourself and your company…
Tricks the criminals use to get hold of your passwords
The common image of a hacker is that of an adult tapping away at a keyboard attempting to break passwords.
But often the criminals’ techniques are much cruder than the classic movie cliché.
In real life they can adopt the very basic technique called shoulder surfing – watching someone discreetly as they type in their password.
They can also coerce passwords out of people simply by talking to them, or steal those written down on pieces of paper.
The more technically-minded criminal might install a keylogger which intercepts passwords when they are being typed into a device.
Or they may go for the brute force option – using a computer to guess billions of passwords until the right one is stumbled upon.
Finally, cyber criminals could search IT infrastructures for stored passwords or intercept them as they are transmitted over a network.
How to put your staff at ease with passwords
To get your staff comfortable with passwords you should create a comforting environment – meaning they don’t feel overwhelmed.
This means using passwords only when they are needed.
You could also allow your staff to securely record their passwords so they have no fears of losing them.
It will also help if IT users can reset their passwords easily.
This means the passwords can be changed regularly, reducing the likelihood of an attack.
How to make passwords safer in your company
Your first move as a business owner should be to educate all your staff on the importance of IT safety.
You should train them to create a password that is strong but simple – avoiding the most common passwords (“123456” and “password” top the list this year).
BT recommends using song lyrics and putting a different letter in front of each password to distinguish what site it is for – T for Twitter, F for Facebook.
You should also make them aware of the limitations of password strength meters so they don’t think their password is better than it is.
Making passwords safer: The final conclusion
Ultimately the best defence is education.
Make sure all of your staff are aware of company policies surrounding IT security and train them to avoid using common passwords.
Then you must make sure that the users don’t feel overwhelmed – make it as simple as you possibly can without compromising security.
You should also take a look at your other IT defences as even the best password in the world won’t protect you if you have a leak elsewhere.
Find out where your weaknesses are and plug those holes.