Don’t Pass on Password Managers


Recent Cyber Security industry statistics show that weak, default, or stolen passwords are involved in up to 80% of data breaches each year.

Passwords figure prominently in many areas of our daily functions such as logging onto work computers, doing online banking, sending email, accessing social media accounts and making most online shopping possible. A consistent, clear, repeated warning from Cyber Security experts and insiders is: creating complex passwords (i.e. comprised of both upper and lower case letters, numbers, and special characters) that are unique and lengthy is one way to ensure safe online activity.

Practicing healthy Cyber Security hygiene by using unusual passwords is outstanding in theory, but the average person has multiple password-protected accounts, and remembering which password goes with each of those accounts can be a challenge. That’s why using a password manager is helpful.

Advantages of Password Managers:

1. It provides a centralized password storage location (i.e. vault) – with only a master password to remember.
2. It is able to automatically generate strong passwords for all of your accounts requiring a password.
3. It is equipped with strong encryption, which protects your vault.
4. It can simultaneously support multiple devices.
5. It offers the ability to safely store other sensitive information, such as credit card numbers, in the vault.

There are several good, highly-recommended options to choose from such as LastPass, Keeper, Dashlane and 1Password. Be sure to research each of the tools you are considering before making your decision to ensure that you are comfortable with the features and capabilities of the password manager you ultimately pick.

Action Items:

1. Research and choose a reliable Password Manager.
2. Choose a long and complex Master Password (remember, with a Password Manager, you only need to remember one).
3. Be sure to take precautions to remember your new Master Password, such as selecting one that has meaning to you but would not be easy for hackers to guess.
   Note: This is important because most providers have little or NO ability to assist you with finding/resetting a lost or forgotten Master Password.
4. Begin using your Password Manager as soon as possible and migrate all of your existing passwords to it.

HBK can assist you with questions on this or any other Cyber Security topic. For more information, contact William Heaven at WHeaven@hbkcpa.com.




Do You Have a Strong Password?

Date: October 23, 2018

A password is arguably the single most crucial component for cyber security.

According to a recent version of the Verizon Data Breach Investigations Report (DBIR), 63% of all reported breaches (regardless of size) involve weak, default or stolen passwords.

A password or PIN is a string of characters, numbers, or symbols (or a combination of all three) used to verify identity and permit access to a computer-based resource.

We use passwords for entry to home and work computers, social media accounts, online banking, email and many other functions/accounts requiring login. The password equivalent, a personal identification number (PIN), allows secure use of mobile phones (including voicemail functions), tablets, and banking at remote locations such as automated teller machines (ATMs).

The best way to create a secure password or PIN is to follow the old adage, “Easy to Remember, Hard to Guess.” As a nation, we are doing a less than stellar job of selecting secure passwords and PINs.

Last year the most common password, “123456”, was used by 17% of the entire population. The word itself, “password”, came in eighth place in the list of most commonly used passwords.

Obviously, the more unique a password or PIN is, the harder it will be for a hacker to determine.

Password Tips:
• Don’t share your password with anyone
• Don’t use simple dictionary words, family names, pet names or key dates like a birthday or anniversary
• Don’t repeat password usage for multiple computer resources
• Use a long password, one containing 14-25 characters (incorporate letters, numbers and symbols)
• Use a password manager (such as “LastPass”)
• If possible, implement dual factor authentication
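
The tips above can be checked mechanically when reviewing stored passwords. The Python code below is an added example, not part of the original article: it audits (resource, password) pairs for the two common passwords the article names, length under 14, missing letters/numbers/symbols, personal terms, and reuse across resources. The function names, the personal-terms input and the sample entries are constructed assumptions.

```python
import string
from collections import defaultdict

# The two passwords the article names as most common; a real audit would
# load a much larger list (assumption).
COMMON = {"123456", "password"}
MIN_LEN = 14  # lower bound of the article's 14-25 character recommendation


def check_password(pw, personal_terms=()):
    """Return the list of tips that a single password violates."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("common password")
    if len(pw) < MIN_LEN:
        problems.append(f"shorter than {MIN_LEN} characters")
    classes = {
        "letter": any(c.isalpha() for c in pw),
        "number": any(c.isdigit() for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]
    # Family names, pet names and key dates supplied by the user (hypothetical input).
    problems += ["contains personal term" for t in personal_terms if t.lower() in pw.lower()]
    return problems


def audit(entries, personal_terms=()):
    """Map each resource name to its findings, including cross-resource reuse."""
    findings = {name: check_password(pw, personal_terms) for name, pw in entries}
    by_password = defaultdict(list)
    for name, pw in entries:
        by_password[pw].append(name)
    for names in by_password.values():
        if len(names) > 1:
            for name in names:
                others = ", ".join(n for n in names if n != name)
                findings[name].append(f"reused on: {others}")
    return findings


# Constructed sample data, not real credentials.
SAMPLE = [("email", "123456"), ("bank", "Rex2015!"),
          ("shop", "Rex2015!"), ("work", "v7#Qm!tz94&Lp@xW2s")]

if __name__ == "__main__":
    for resource, issues in audit(SAMPLE, personal_terms=["rex"]).items():
        print(resource, "->", issues or "ok")
```

The findings list resource names only, so the report can be shared without exposing the passwords themselves.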

Action Items:
1. Implement a Cyber Security Awareness Campaign
2. Implement / Update IT Security Policies
3. Analyze password usage within your organization

HBK can assist you with cyber security topics or questions. Please contact Matt Schiavone at mschiavone@hbkcpa.com, Bill Heaven at wheaven@hbkcpa.com, or Steve Franckhauser at sfranckhauser@hbkcpa.com for assistance.
