What every small business needs to know about password security


With several high-profile companies falling victim to data breaches in recent months, cyber security is top of mind for businesses and consumers alike. The easiest way cyber criminals gain access to our systems is by password hacking, so here’s what you need to know to keep your data and customers secure.

Cyber criminals are getting better every day at gaining access to our personal details, online accounts and home devices via password hacks, and businesses and consumers need to up their game to keep up and stay secure online.

Small businesses are at particular risk, with hackers targeting customer data in recent breaches. Adding to this, businesses have the pressure of ensuring their staff and administrators are keeping system passwords secure.

Why changing passwords regularly is important

Research shows that one of the most common ways cyber criminals gain access to our personal details and devices is through weak passwords that users re-use on multiple platforms. This means that if one password is hacked, cyber criminals could gain access to multiple accounts and far more information than you realise.


According to research by Nord Security in 2022, 85 million passwords were leaked in Australia in the last year alone.

“A single password for multiple accounts is a hacker’s delight,” a Nord Security spokesperson said. “If only one of the accounts is compromised, consider all your other accounts jeopardised.”

‘123456’ was the most common password used by Australians, with the combination recorded a whopping 308,000 times. The second most preferred password was simply ‘password’, which featured 191,800 times and would take a hacker just one second to crack. The analysis also found that people were fond of using their own names within passwords – one of the biggest no-no’s when it comes to online security.


How to create a strong password

A complex password containing 14 characters or more, with a combination of upper and lowercase letters, numbers, and symbols, is recommended to keep hackers at bay.

A good password will:

  • Be at least 14 characters long
  • Contain a mix of character types – upper and lowercase letters, numbers, and special characters like punctuation symbols
  • Be unique for each service
  • Be changed regularly if the content it protects is very sensitive (e.g. online banking accounts)
  • Not contain recognisable words

The Australian Government’s Digital Health website also recommends:

1. Use a password manager

A password manager stores and manages your passwords in an encrypted database, making it easy to keep track of multiple passwords across platforms. It enables you to generate random, complex, and unique passwords using a password generator, stores your passwords and protects them with encryption, and reduces the number of passwords you have to remember.

2. Use multi-factor authentication

MFA, also known as two-factor authentication (2FA), provides added protection by asking users to provide another method of identification, normally via a code sent by phone, text or email. This ensures that if someone attempts to log in using your password, you will receive notice of the login attempt and have the chance to reject and report it if necessary.

3. Use password-sharing security

Businesses often share passwords, which can compromise cyber security across the whole business. It is recommended to give separate passwords to anyone with access to critical systems and enforce multi-factor authentication for each staff member. Never share passwords via online platforms such as email or keep written passwords near your devices where they can be easily found.

4. Use unique passwords

Always use a unique password for each account to help prevent the ‘domino effect’. This is where all accounts using the same password are compromised when the password is discovered.

5. Avoid personal information

NEVER use personal information in your passwords, such as birth dates or family names (including your own, your children’s or pet’s names).
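The "A good password will" checklist, the advice on personal information and the password generator a password manager provides can be written as a short check. The Python below is an added example, not part of the original article; the function names, the small word list and the sample personal terms are constructed for illustration.

```python
import secrets
import string

MIN_LENGTH = 14  # the article's minimum length
# Constructed sample list; a real check would use a large dictionary
# or a breached-password list instead.
COMMON_WORDS = {"123456", "password", "qwerty", "welcome", "summer", "dragon"}
SYMBOLS = string.punctuation


def check_password(password, personal_terms=(), passwords_in_use=()):
    """Return the article's rules that `password` breaks (empty list = passes)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 14 characters")
    classes = {
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        "symbol": any(c in SYMBOLS for c in password),
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a recognisable word")
    # personal_terms: names, birth years, pet names (supplied by the caller)
    if any(t and t.lower() in lowered for t in personal_terms):
        problems.append("contains personal information")
    if password in passwords_in_use:
        problems.append("already used for another service")
    return problems


def generate_password(length=16):
    """Build a random password from the OS CSPRNG, retrying until it passes."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 14")
    alphabet = string.ascii_letters + string.digits + SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(candidate):
            return candidate


if __name__ == "__main__":
    # Constructed samples: the two most common passwords named above,
    # one built from a pet name and a birth year, and one generated.
    for pw in ["123456", "password", "Bella2015!!Bella", generate_password()]:
        print(repr(pw), "->", check_password(pw, ["Bella", "2015"]) or "OK")
```

The third sample meets the length and character-mix rules and is rejected only once the personal terms are supplied, which is why those rules alone are not enough.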


And check out this fact sheet about password security from the Australian Government.



Suze English, Pinstripe Media

Suze is a writer and digital communicator with a passion for helping Australian companies, particularly small businesses, bring their stories to life. With over 15 years’ experience as a social media editor, digital content producer and campaign manager for various Australian media publications, she helps businesses get the most out of their digital campaigns.
