Securing Passwords in Business: What You Really Need To Know

Another week, another breach! It seems like every week we’re hearing about another major website’s secure passwords being compromised. Personal information is either being leaked for malicious purposes, or hackers are showing off their prowess for accessing “secure” information.

Last week 3 major websites reported their customer passwords were compromised:

If you have an account on any of these sites, it is highly recommended that you change your password immediately. Also no funny business: make sure that you use a different password on each of them.

Imagine someone contacting your business relationships. Or using your identity to manipulate business relationships you have spent time building. Or just as bad, manipulating personal relationships you are developing. When you use the same password for most of your services (including work systems) you make it very easy for someone to get into many – or all – of them.

Here are my recommendations for password management best practices to reduce your risk of exposure.

Critical Best Practices for Passwords

  • Use different passwords for every website you have an account with. While this can be difficult to manage, it is the safest way to protect your other accounts.
  • Use a separate email address to create online accounts. This way you minimize the risk to your main email address, and also avoid unwanted spam.
  • Keep personal and work passwords separate.
  • Close old accounts you are no longer using. You would be surprised how many accounts you have out there!
  • Don’t use common words or anything too simple for your password  – here’s a list of the Web’s Worst Passwords.

Two Factor Authentications for Organizations

For organizations, protecting valuable corporate data assets is crucial to survival. When considering how to secure corporate passwords, we’ve found using a two-factor authentication system is the easiest and most effective solution. By using something you know (your username and a password you make up) along with something you have (a one-time password generator – a small token or an app on one of your devices) you mitigate a lot of the risk.

At Softchoice, we’ve worked with many customers helping them secure their data resources. There are several solutions in this space we have had success with. The best one for your organization depends on the other technology solutions you have in place. It also depends on whether you are looking for an on premise or SaaS solution.

Unfortunately, organizations wait until a critical event takes place prior to taking action on their underlying security issues.   We’ve determined that organizations that proactively act on assessing their security issues before a critical incident occurs generally have better outcomes, mitigating threats before they can become a problem.

Please feel free to contact me by leaving a comment below, or connect with your Softchoice Account Manager to discuss this or any other challenges in data protection.

Here’s the email that our own Information Security Officer Mark Sebastian sent to all our employees when it happened. Feel free to use it!

Good Morning,

Last week 3 major websites reported their customer passwords were compromised:

If you have account on any of these websites, it is highly recommended that you change your password immediately.
As a reminder, if you follow these best practices, you can mitigate the risk of exposure when creating accounts on the Internet.

  • Use different passwords for every website you have an account with. While this can be difficult to manage, it is the safest way to protect your other accounts.
  • Use a separate email address to create online accounts. This way you minimize the risk to your main email address, and also avoid unwanted spam.
  • Keep personal and work passwords separate.
  • Close old accounts you are no longer using. You would be surprised how many accounts you have out there!

Related Posts

Disruptive technology: Trends gaining traction Where would we be without computers, smartphones, music and video streaming? Likely, we’d still be using decade-old technologies like typewriters, landlines, CDs and DVDs. The...
The Real Cost of Software Non-Compliance (and what to do about it) Software compliance is one of those aspects of business that exists safely in the back of your mind until, suddenly, it rears its ugly head. Issues of software non-complia...
Why the Shellshock Vulnerability Is A Perfect 10 Another big buzz in the media again. Looks like there has been another dangerous vulnerability identified and rated a 10 for impact, and a 10 for exploitability. This is t...

About Stephen Perciballi

Stephen Perciballi is the Director of Security Solutions for Softchoice, one of North America’s largest technology solutions and services providers.