Password Managers and Other Lies Jeopardising Your Accounts

Reduce and reuse may be a good motto for the planet, but it’s a horrible tactic for your passwords. In fact, for the 53% of survey respondents who admitted to using the same password for multiple accounts, it comes with enormous risk.

Then why is it so many people engage in password reuse? Convenience comes up a lot, as does the stress of remembering so many different logins.

But according to Comparitech, there’s one group that reuses passwords more than the average user: IT professionals. 50% say they’re guilty of using the same passwords for different work accounts versus 39% of non-IT users. More than half also admit to sharing passwords, putting their accounts and their employers at risk.

What do the experts recommend? Disrupting the reuse cycle with a password manager for starters. But without multifactor authentication, you could still be vulnerable.

Password Cracking: Why Password Managers Aren’t Always Enough

If you’re expecting your password manager to make your accounts ironclad, you’re in for some disappointing news.

In terms of security investments, they’re certainly a step in the right direction. But all it takes is a single cracked code to access every one of your passwords – all in the same place.

Cybercriminals know that if they can penetrate your password manager, they can access all your sensitive data in one sweep. It’s one reason they’re so heavily targeted. By the time you realise there’s been a breach, it may be too late to change all your passwords and make calls to your bank before they do their damage.

You’d also better ensure you’re using password manager software with a robust backup plan. Otherwise, one server outage or device crash could wipe all you’ve worked to secure.

And if you’re still reusing passwords, even the best password manager technology won’t save you from yourself.

“Password reuse leads to credential stuffing, a form of automated attack where cybercriminals use lists of passwords stolen from one website to break into other websites,” explains MalwareBytes. “Credential stuffing attacks are large, automated, and persistent, and they are so successful that they happen almost constantly.”

Multiplying Your Password Security With Multi-Factor Authentication

By some estimates, you have a 99.9% fewer chance of being hacked if you enable Multi-factor authentication (MFA) on your accounts. But that doesn’t mean all the individuals in your organisation will take initiative.

Instead, consider adding MFA requirements to your company’s security policies and only working with vendors that offer it as part of their account setup. Some SMBs have even gone as far as to write their government representatives to make it a widespread, mandatory privacy requirement.MFA works so well because it adds an extra step to the verification process, requiring a user to make contact from either their email or phone. The extra minute or two can mean the difference between a hacker stealing sensitive personal or company information and moving on to their next unsuspecting victim.

The Future of Passwords 

Could the future of passwords be…passwordless? Some experts think so.

That doesn’t mean you should wait around for technologies like passkeys – “a cryptographic private key that gets stored on the devices you use” – to catch up and make traditional logins obsolete.

Until passwords get replaced by something better, a combination of these two security tools should be enough to keep cybercriminals at bay…for now, at least.

Do you want to know more about Multi-Factor Authentication, Password Managers and how to keep your network safe? Get in touch with Nextro.