Blog Details

  • Home
  • Cyber Security: Password Integrity

Cyber Security starts with your password

In 2022 so far, 62% of the recorded data breaches were caused by brute-force attacks against unsuspecting users and their credentials used in critical systems. Unlike in the movies, threat actors will first attempt to use whats called a dictionary based brute-force attack. This style of attack is one of the oldest and still most common attack. Threat actors are constantly scanning for devices connected to the internet that they can launch these attacks against. The best way to guard against this type of attack is having a strong passwords, rotating passwords on a standard interval, enabling Multi-Factor Authentication (MFA), protecting key systems behind a VPN and ensuring password complexity policies are adhered to.

P@ssw0rd Problems

For typical users, security is typically sacrificed for convenience. Users will set a single password that is then used for their personal login as well as their corporate. Key systems managers may have elevated permissions the critical systems and have weak passwords. Additionally, if you try to implement a security plan that includes a very complex password and rotation policy your users and employees may break out the pitchforks and torches, or could find ways around it that lower the security. Did you know HIPPA, PCI or other compliance certifications, require password complexity and rotation strategies and policies be followed?

The Solution

BytePoint Solutions has partnered with Bitwarden, a complete enterprise password management and vault. With our solution, your organization can create secured vaults for shared passwords and individual vaults. Coupled with automatic password breach notifications and custom password complexity policies Bitwarden solutions provided by BytePoint Solutions provides you with unparalleled security focused password management. With a managed password vault, your users and systems can create strong and complex passwords that are securely accessible. Powered by a desktop and mobile app along with integrated plugins for all major browsers, keeping your systems compliant and data secured has never been easier.

Steps to create a complex password

  1. Make sure you avoid common used passwords (eq: 123456, password, qwerty etc)
  2. Create silos or groups of sites/systems you use a password on and ensure the passwords in each silo are unique. Examples of silos could be:
    1. Banks, Credit Cards, Healthcare providers (high level of integrity)
    2. Email systems (usually used for password recovery for other systems and should be isolated)
    3. Online Stores
    4. Others
  3. Family accounts and accounts for children should have their own unique password
  4. When setting a password, ensure there is some randomness, always include a numeral and special character
  5. Do not set the password length to the minimum or maximum required by the system
  6. Make sure that you change the password at a regular interval and when data breach announcements are sent
  7. Contact us for password creation policy strategies and vault systems and integrations to safeguard your data

Get a free consultation today!