5 Critical Password Rules Your Employees Need to Follow

Passwords are the keys that unlock so much critical data.  They allow your employees access to systems to enable them to do their jobs.  However, in the wrong hands, these passwords can lead to severe data breaches.  Keeper’s Workplace Password Malpractice Report 2021 outlines different password security issues. Below are 5 critical password rules that your staff probably aren’t following but should be. 

  1. Always Use Strong Passwords

Strong passwords are necessary to keep hacker tools from guessing your password quickly.  Most businesses have a policy requiring that passwords be at least 8 characters long and containing a combination of upper and lower case letters, numbers and symbols. In addition, passwords should never include the company name in their passwords.  Personal details like a birthdate or children’s name should also never be used, as these details can easily be found on social media. 

  1. Use a Unique Password for Every Account

Keeper’s study found that 44% of employees reused their passwords across their personal and work accounts.  While it may seem like an easy way to remember all those passwords without having to write it down, the trouble comes once a personal password is compromised and sold on the dark web.  Cyber criminals know that you are likely to reuse that password on a work account and will try to use it to log into your network and steal corporate data. 

  1. Use an Encrypted Password Manager

You may be wondering why someone would want to store their passwords anywhere, but the reality is, we all have too many passwords to remember.  Writing passwords down on paper or storing them in an unencrypted folder can put your business at risk. Keeper’s study found that 57% of respondents wrote down their passwords on sticky notes, and 62% write down their passwords in a notebook or journal. The problem is that anyone walking by a desk could easily find these passwords and access the account.  Similarly, storing the passwords on the cloud or on another mobile device is problematic, as a cyber criminal could breach these devices, and then access the employee’s password file. The best course of action is to have employees use am encrypted password manager.

  1. Never Share Passwords With Anyone Outside the Business

This should go without saying, but it still happens. Keeper’s study found that 14% of people will share their passwords with a spouse or significant other.  There is no good reason for anyone to share their work passwords with someone outside of the business.

  1. Use Encryption When Sharing Passwords Within the Business

There are a few cases where sharing passwords within the business makes sense.  When these situations arise, it is best to make sure you use encrypted channels to share the passwords, as they could be intercepted by cyber criminals while in transit.  According to Keeper, 62% of employees share passwords through unencrypted email or text messages. 

If your employees aren’t following these password rules, you need to make sure they start following them today! Passwords truly are the “keys to the kingdom”! If your business isn’t following these rules, then you are leaving the door open. To learn more about password policies and cyber security in general, visit www.uzado.com.