Introducing FireMon Policy Analyzer Learn More

Back to Basics: What’s the Password?

Cyber safety is not just for CISOs or techies anymore. Technology touches all of us nearly every single day, from baby nurseries to nursing homes. It is so important that everyone understands the basics of safe cyber activity. October is Cybersecurity Awareness Month and FireMon is here to provide tips in an easy-to-understand format for even the youngest of readers. So, please share with your friends and family and stay safe out there!

As kids, most of us innately understood the importance of passwords. Want to get into my club? What’s the password? Want to sit with me? What’s the password? Young kids often use their favorite animal or color: easy to guess. But as children get older, the passwords become more obscure and change often. Stronger passwords equal more exclusivity. Unfortunately, as we get even older, stronger passwords seem to require too much effort.

According to Verizon’s Data Breach Investigations Report (DBIR) 2022, poor password practices have been one of the leading causes of data breaches since 2009.  You may find it annoying – constantly signing into different accounts separately – but if you do nothing else, please make your passwords strong.

Massive corporate incidents often make headlines, like the TJ Maxx, Target, Marriott, and Equifax breaches. However, the many smaller attacks on individuals resulting in stolen credit card data, identity theft, or social media hacks rarely reach the masses. Bad guys love to take advantage of the low hanging fruit, which is often the average consumer.  Their easiest target: passwords. Stolen credentials (aka stolen passwords/login information) accounted for 80% of breaches in 2021.

It is tempting to use the same simple password for all of your logins. It is painless and easy to remember. “Forgot my password” can be a frustrating time-suck. I get it. REALLY. But for the sake of your card data, social media access, and personal identity, please do not be the low hanging fruit.

Five Tips to help you Minimize your Credential Exposure

  1. Beef up your passwords. They should be both strong and unique. You’ve heard it before: at least 12 characters and have a combination of upper and lowercase letters, numbers and special characters such as #, $, &, and %. The most secure sites MAKE you make your passwords strong. Try to incorporate those rules everywhere.
  1. Don’t ever reuse passwords. Especially across your personal and business applications. Once the threat is in one account, they are sure to try to access more. Let’s say the attacker hacks into your email. Once in, they will have access to links to your bank, credit cards, and other important sites. Do not make it easy for them by having the same password for all.
  1. Don’t ever give out your passwords. This sounds simple enough, but hackers find ways to entice you into sharing your information. Phishing is a popular method. The attacker tricks you into thinking they are from a legitimate person or organization but are only capturing your data. Always double check that you are on the correct URL before providing any sensitive information.
  1. Use a password manager. They create and store unique passwords for each site and often auto populate the password on saved devices. Password managers tend to make life easier because you don’t have to remember them! Tools like 1Password and Google Password Manager are popular options.
  1. Set up multi-factor authentication (MFA). MFA inherently enhances the security of your credentials by adding 2+ layers of protection. MFA is not always practical but is one of the best ways to ensure your credentials are not hacked. Without the additional verification, even a correct user ID and password will not allow access to your accounts. MFA requires at least 2 of the following for logging in:
    1. Something you know – a password
    2. Something you have – a token, authenticator app, smartphone or laptop
    3. Something you are – biometric data, like faceID or fingerprint

The Internet is an incredible place. Enjoy and scroll responsibly!

About the Author

You May Also Like

FireMon Cloud Defense Introduces Free Enterprise-Scale CSPM

FireMon is incredibly excited to introduce the industry’s first completely free unlimited CSPM for any size cloud deployments. A curated subset of features from our Cloud Defense platform designed to help cloud customers identify and manage baseline security and compliance risks. At FireMon we believe all organizations and individuals deserve

Read More >

FireMon Policy Analyzer – Understanding Your Assessment

If you’re reading this blog, you’re likely interested in learning more about FireMon Policy Analyzer or have just run your first assessment and are curious how to get the most out of your results. Either way, we’re excited you’re here! As a reminder for those who aren’t familiar with Policy

Read More >

Get 9X Better

See how to get:

90% Efficiency Gain by automating firewall support operations

90%+ Faster time to globally block malicious actors to a new line

90% Reduction in FTE hours to implement firewalls

Schedule a Demo