Cybercrime in the digital age is rampant. With more online users than ever, cybercrime is on the rise. Between online banking, shopping, data and information storage and other online activities, there are more access points than ever for cybercriminals to wreak their havoc. Experts predict that by 2021, the global cost of these malicious attacks will top $6 trillion.
That’s why, in 2016, global users spent $80 billion on cybersecurity, a figure that will exceed $1 trillion over the next 5 years. But despite the spend, the risk of breaches remains high, because nearly 75% of online users depend on a single password across all their accounts. This common habit leaves only one hurdle standing between hackers and all of your personal information.
What can digital-minded businesses do to take control of their sensitive data and prevent catastrophic cyberattacks? Consider this your primer on passwords, and how to establish a more secure online system.
The rise of security breaches
63% of data breaches occur due to compromised passwords—and 93% of those passwords can be cracked in mere minutes. Today’s hackers are not just hacking company financials. With more digital access points than ever, they are increasingly breaking into sensitive databases, deeming even the best-encrypted information unsecure. With even the most tech-savvy companies and secure governments victimized by stolen credentials, security has become a battleground.
While ransomware and financial exploitation remains high, a study showed that 91% of attacks sought user credentials as a direct key to the corporation. Phishing attacks are often the preferred way of cracking into corporate systems, and with 30% of phishing emails opened and 12% of links clicked, stealing credentials and socially engineering them to deduce an organization’s passwords has become easier than ever.
Surveys reveal that nearly half of all web users have been using the same passwords for more than 5 years, increasing the chances that their systems will be hacked and information stolen. 40% of industrial computers were hacked in 2016, and despite the statistics, 80% of people aren’t taking the necessary steps to ensure that they don’t become a victim.
93% of those passwords can be cracked in mere minutes
Reducing the risks
Companies conduct more business online than ever before—and they simply can’t remember a new password for every account. A study showed that 37% of people forget their password on a weekly basis. That’s why more than 50% of people make the mistake of creating an easy-to-remember—and unfortunately equally easy-to-hack—password, or use the same one across multiple accounts.
If you want to secure your private data, avoid these common passwords and their variations.
nearly 75% of online users depend on a single password across all their accounts
The need for more complex passwords
Hackers and progressive AI systems have become increasingly capable of determining passwords through complex algorithms that can crack simple or common passwords within minutes. The most dangerous point of any hack is between the breach and the discovery, during which a hacker has immense power to wreak havoc, spread malware, and start to crack the code on top-secret corporate data. The need for a more secure and complex password as the first line of defense can’t be overstated.
Here’s why you need to create more complex (and different) passwords, right now.
Hackers need just the smallest tidbit to crack the corporate code
Through social engineering, a hacker with one employee’s credentials can take down the entire company. Far too often, employee passwords are derivatives or variations of the corporation’s passwords. Thus, with a bit of social engineering and some savvy algorithmic calculations, cybercriminals have the power to hack into your company’s most sensitive data.
Breaches can go undetected while silently gathering key credentials
Once a hacker has access to an employee’s computer, usually through phishing emails requesting the user change their password, they can install key-logging malware onto the computer. It’s only a matter of time before they log your most crucial information, and the cybercriminal has access to all the company’s data.
Malware can spread across a corporate network
Once malware is installed on one computer, it can go viral across the corporate network to steal confidential company and customer data.
91% of attacks sought user credentials as a direct key to the corporation
Best practices for safer passwords—and how to actually create one
Though 70% of people don’t believe passwords offer protection, a more varied password landscape is every business’s key to reducing the risk of victimization. Follow these best practices, and implement them across the company, to strengthen your lines of defense and ward off time-sensitive hacking attempts.
Use a different password for each account
Even the greatest, most complex password can be an Achilles’ heel if used across accounts. One successful hack, and your entire world of online data comes tumbling down. Create equally strong, but different, passwords to ward off attacks.
Go for something memorable
A long, unusual sentence will not only log itself in your memory, but increase your data protection factor. Take that a step further by replacing the phrase with its first letters, or add numbers and symbols.
Go for length
Most systems require a minimum of 8 characters when creating passwords. A few extra characters can minimize your risk, whether or not you have an alphanumeric combination. A password that takes much longer to crack will likely send would-be hackers packing.
86% of people report greater security with 2-factor authentication. The additional layer of protection greatly minimizes risk by requiring that users enter a password, then authenticate their login attempt through a personal device.
37% of people forget their password on a weekly basis
The future of passwords and cybersecurity
Without the ability to quickly hack passwords and systems, the days of cybercrime may be numbered— assuming that companies get on board with current and emerging data protection systems. As the future quickly becomes the present, these technologies are redefining data security and the user experience.
As digital technology and AI continue to improve and enhance the ability of cybercriminals to break into underprepared company systems, this darker side of technology is balanced out. Technology has also opened the door to greater security through biometric verification, which is far harder to hack than patterns alone. As more companies start to utilize systems like facial or voice recognition, and thumbprint verifications for both employees and customers, cybercrime is starting to get a run for its money.
Cybersecurity-focused companies have a plethora of passwords floating around. A password manager can organize and simplify access across accounts. Free options like Dashlane and LastPass not only save your passwords, but help create stronger ones. Just be sure to make and memorize an ultra-secure master password to manage this vulnerable account.
New technology is setting the stage for a more secure cyber world. Google is exploring Trust API to eliminate the need for passwords by confirming users through multiple sensors on their smartphones. MasterCard’s selfie and fingerprint authentication, HSBC’s voice-recognition technology and Apple’s fingerprint scanner are also promising to change the way we do cybersecurity.
With life and business becoming increasingly digitized, the need for password security is more crucial than ever. Whether you depend upon a password to protect your information, or supplement an already solid password with additional technologies, strengthening this line of defense is your best protection against attack.