Your Passwords are Not Secure
- Updated at
- By Naty Santos
- Passwords
You have secrets. We all do. Yesterday, your accounts were protected by a seven-digit password. Today, they are unlocked and might be used to hurt you. Your credit card number, your email, your bank account.
You think your secrets are safe online, but they are being targeted on a massive scale by cyber criminals. Cyber criminals ranging from trained IT network professionals to a bored fifteen-year-old with nothing better to do than ruin your life.
In your day-to-day life, you can keep an eye on your phone, keep your wallet close, and lock your car after parking. However, your digital profile is available 24/7. Even when you are sleeping, your digital profile is there for the taking.
And unlike your ability to determine a shady character on the street, in your digital profile, you have no awareness of who is lurking around the corner to harm you.
Table of Contents
Passwords - strong ones - to protect yourself
In years past, online passwords have worked just fine because they had less to protect. A complex password with a range of characters, symbols, and numbers were enough to protect your online profile and email account. Today, the stakes are much higher. Our entire lives are online, both personal and business. You have a digital life running alongside your own, one you have little control over.
Here’s the secret about passwords: If they’re good enough to protect you, you won’t remember them
So, you write them down, keep them in a folder, put them in your email, or on a spreadsheet. The problem is, once a password is in the hands of another person, it becomes worthless. Perhaps you unknowingly clicked on a hyperlink that infected your computer with malware that is designed to record passwords, or a virus that steals information and feeds it back to cyber criminals.
In one form or another, the Internet holds most of your secrets. Some of which you haven’t even tried to protect. Things that we think are private are accessible to anyone with a motive. Your name, email, and home address are common knowledge. Your date of birth is on Facebook. A hacker might find your mother’s maiden name online at ancestry.com. Piecing all of this information together, hackers are finding it easier and easier to access your private information.
In this digital world, technology is fast surpassing a password’s ability to protect us
Email addresses are used universally as usernames, creating a huge point of weakness just waiting to be exploited. Once a hacker has access to your email account using the forgotten password link, other accounts such as Amazon, Netflix, Ebay, and even Paypal are in their hands. A hacker just needs one account to gain entry to them all, destroying your digital life in only minutes. They could wipe everything off your devices – data, photos, important information, years of emails – gone in the time it takes you to make a cup of tea.
What about corporate passwords?
What about your business? Your livelihood, your startup, or your well-established company moving towards being boundaryless, paperless, and in the cloud.
Thanks to the trend of storing corporate data in the cloud, your intellectual property is less secure than ever.
Hacking and gaining access to your company’s information has never been so easy. You can do banking in the cloud, store vital data in the cloud, track finances in the cloud, and do taxes in the cloud. Everything is interlinked with numerous points of weaknesses, some of which we aren’t even aware of yet.
In business, it’s not just you in control of your secrets
Dozens (potentially hundreds) of people armed with passwords, are devaluing the security of your business data.
Here’s another secret about passwords: If your employee’s passwords are any good, and robustly secure, they won’t remember them.
Because they are just as human as you. Your employees are told to generate strong passwords – a 6-letter word if they’re careless, a few numbers interspersed with characters if they’re cautious. Perhaps you allocate passwords in an attempt to keep your business secure. The most complex variation of 1632 characters, symbols, and numbers combined. But chances are users, employees, and those dreaded hackers alike won’t be able to get into those accounts. There’s a fine balance between adequate security and usability because there’s no point in having such secure passwords if they are unusable.
They will write passwords down on a piece of paper and store it in their desk. Maybe they will save them on their computer in a spreadsheet, or notepad. They may reuse their passwords in an attempt to commit them to memory. All of the above make your business less secure.
Hackers don't just target the big guys
In 2013, personal information from one billion Yahoo user accounts was stolen. It was the largest data breach in history and only discovered in 2016. Early last year, an Austrian-based aero parts manufacturer fell victim to attackers, who stole 50 million euros during their hack. Big companies like Apple, Twitter, SnapChat, Sony, LinkedIn, eBay, and Dropbox have all experienced recent security breaches.
You may think your company is not big enough or public enough to be a target, but hackers typically target small businesses, because they have more money than private individuals and less security than large corporations. Consider the amount of time and money the above companies would have invested in improving their online security after those breaches.
Can your business afford a security breach?
No amount of caution or complex variation of numbers and letters can stop a determined hacker from cracking that password and accessing your company’s valuable data. However, there is a solution and that is where the team at VaultOne comes in.
VaultOne is a privileged account manager solution, tackling these security issues by centralizing passwords in a “vault,” allowing users to access resources (servers, computers, social accounts) without the need for a password. Rather than trusting everyone with a password, an administrator can create a secure connection between the user and the resource through Vault One, putting the power of intellectual property back in the hands of the company, where it should be.