We tend to fancy our passwords as undecipherable, but the data clearly shows otherwise: 60% of the breaches analyzed in Verizon’s 2021 Data Breach Investigation Report leveraged weak or stolen passwords. Cybercriminals aren’t just guessing our passwords; they’re making well-informed guesses. They can use several methods and tools to hack passwords, such as programs that record keystrokes, social engineering (e.g., phishing), and password dictionary databases with lists of the most commonly used password phrases.
One of the most effective ways to prevent password-related cybercrime is multi-factor authentication (MFA). This security enhancement requires two credentials (or more) when logging in to an account. An example of MFA would be entering a password on your computer, then entering a different passcode on a mobile app to produce a randomly generated PIN required to finish the login process. With MFA in place, even if your password is hacked, chances are cybercriminals won’t be able to breach your data.
Whether you use MFA or not, you should never take password strength lightly.
“Using long and complex passwords is one of the easiest ways to defend yourself from cybercrime,” according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
Follow these simple tips from CISA to help strengthen your passwords:
Don't get personal
It’s tempting to use personal information, like a pet’s name, to create a password that you can remember. But that also makes it easier to guess. In the age of social media, personal information isn’t hard to come by.
Avoid using familiar words in your passwords. Substitute letters with numbers and punctuation marks or
symbols. Use phonetic replacements, such as “PH” instead of “F.” Or make deliberate but obvious misspellings,
such as “enjin” instead of “engine.”
Keep your passwords to yourself. Watch out for hackers trying to trick you into revealing your passwords through phishing emails or calls.
Avoid using the same password for every account. Mix things up to mitigate risk. The most secure way to store all of your unique
passwords is by using a password manager. With just one master password, a computer can generate and retrieve
passwords for every account you have.
Visit our Cybersecurity Resources page for more tips and free resources.
Contact our Risk Control and Consulting team for more resources and answers to your housing organization’s risk-related questions.
Interested in Working With HAI Group? Our Account Services team is ready to assist you.
Includes copyrighted material from a company under the HAI Group family, with its permission. This post is for informational purposes only and is not intended to provide legal advice, and shall not be relied on as such. We strongly recommend consulting with legal counsel or an appropriate subject matter expert.