In order to protect your business data, you have to approach cybersecurity from every possible angle of exploitation. Cybercriminals are constantly trying to find new ways to break into business systems. Sadly, too often, they succeed thanks to weak passwords. In fact, nearly 50% of cyberattacks last year involved weak or stolen passwords.* This calls for small businesses like yours to step up and take password security seriously and implement strong password policies.

Fortunately, there are a few best practices that you can follow to protect your business. Before we get into those, here are the top 10 most common passwords available on the dark web that you should avoid at all costs:

1. 123456
2. 123456789
3. Qwerty
4. Password
5. 12345
6. 12345678
7. 111111
8. 1234567
9. 123123
10. Qwerty123

Password best practices

When your team is aware of password best practices, they can significantly ramp up your cybersecurity.

Use a password manager

One of the most important things to keep your passwords safe is to use a password manager. A password manager helps you create and store strong passwords for all your online accounts. Password managers can also help you keep track of your passwords and ensure they are unique for each account.

Implement single sign-on (SSO)

Single sign-on is a popular password solution that allows users to access multiple applications with one set of credentials. This means that you only need to remember one password to access all your online accounts.

While SSO is a convenient solution, remember that all your accounts are only as secure as your SSO password. So, if you’re using SSO, make a strong, unique password that you don’t use for anything else.

Avoid reusing passwords on multiple accounts

If a hacker gains access to one of your accounts, they will try to use that same password to access your other accounts. By having different passwords for different accounts, you can limit the damage that a hacker can cause.

However, avoid jotting down your passwords on a piece of paper and instead depend on a safe solution like using a reliable password manager.

Make use of two-factor authentication (2FA)

One of the best ways to protect your online accounts is to use two-factor authentication (2FA). In addition to your password, 2FA requires you to enter a code from your phone or another device. Even if someone knows your password, this method makes it much more difficult for them to hack into your account.

While 2FA is not perfect, it is a robust security measure that can assist in the protection of your online accounts. We recommend that you begin using 2FA if you haven’t already. If you use 2FA, make sure each account has a strong and unique code.

Don’t use the information available on your social media

Many people use social media to connect with friends and family, stay up to date on current events or share their thoughts and experiences with others. However, social media can also be a source of valuable personal information for criminals.

When creating passwords, you must avoid using information easily obtainable on your social media accounts. This includes your name, birth date and other details that could be used to guess your password. By taking this precaution, you can help keep your accounts safe and secure.

Make use of a Password Pusher

Don’t send passwords in plain text over email, or other unencrypted chat apps. Instead make use of a Password Pusher to share credentials.

Horn IT can help with your internal security strategy

As cyberattacks become more sophisticated, you may not be able to devote sufficient time and effort to combat them. As an IT service provider, we can ensure your team creates strong passwords, stores them securely and changes them on a regular basis.

Schedule a no-obligation consultation with us today to learn more about how we can help protect you from poor password hygiene.

Now that you know how to keep your passwords safe, download our infographic by clicking here to learn how to keep your email inbox safe.