When passwords are compromised, everything from social media accounts to private software and bank accounts and beyond can be at risk. A hacker can easily gather enough information to steal money, your entire identity, or even cripple an entire business. Yea, it’s that serious. Passwords are your first line of defense against a cyberattack, and if you’re not serious about them, you’re basically leaving the door open to your attackers.
In this guide, we’ll take a look at seven of the most hard-learned lessons taught to us by password breaches. Throughout history, billions of breaches have occurred, and every breach has a lesson. Here are some of the most profound lessons to remember.
1. The Cost Is Enormous
Let’s stop for a moment and consider the financial implications of a successful cyberattack. If you’re like a large percentage of the population, you’re using the same (or similar) password(s) for all of your online accounts, even your work accounts. The problem with this is that one password that’s been breached can be used to access dozens of other accounts, and suddenly, your bank, social media, work, and other accounts are jeopardized.
The average cost for a business of a data breach is about $8 million. Identity theft can cost as little as $1,300, but that’s assuming you’re only experiencing momentary losses and are able to recover your identity quickly. Often, people don’t realize their identity has been stolen until major financial purchases are made, and by then, you’re thousands of dollars in debt for things you didn’t even buy.
2. People Don’t Take Passwords Seriously
The sad truth is that people don’t take their passwords seriously enough. On average, about 72% of users recycle their passwords four times. More than half of all internet users reuse the same password across two or more accounts, and a depressingly large number of people use one password for everything. The bottom line? We don’t take our passwords seriously enough, because if we did, we wouldn’t be using the same one for our Facebook account and mobile banking app.
When a data breach occurs, the hard truth gets put right in front of us where we can’t look away. Once a breach occurs, you simply can’t afford to neglect your passwords any longer. Or, at least, that’s how it should be. Only about a third of people actually change their passwords following a breach.
3. The Right Tools Matter
Of course, even with good password habits, having the right tools at your disposal can make all the difference in the security of your passwords. A business password manager is one tool that every business needs, despite its size or industry. Managing, storing, and creating passwords securely is of the utmost importance, and storing them in that Google Doc just isn’t secure.
A password manager provides a secure and accessible app for you to store, manage, organize, and share your passwords. You’ll also get access to features like password generator tools, dark web monitoring, and more; depending on the service you’re using. The point is don’t go without a password manager!
4. Small Businesses Are More Vulnerable Than They Think
There’s a common misconception that cyberattacks only happen to large corporations with millions of customers. After all, why would you attack a small business that doesn’t guarantee as much of a payout? It’s simple—larger businesses will have a much more sophisticated security system in place (in most cases), and can afford the best tools and specialists to help them get it right. A small business is more vulnerable because it doesn’t have access to the same resources.
With weaker security, fewer resources to pool for support, and possible password neglect, small businesses are the perfect target.
5. Security Isn’t Enough Of A Priority
Overall, one could observe that cybersecurity in general isn’t enough of a priority for us as a society. With identity theft at an all-time high, cybercrimes skyrocketing during the pandemic, and even the US government under attack recently, cybersecurity needs to be something we’re all concerned with. Just about everything we do is via the web, which means we need to take individual measures to secure our own data and create a more secure internet overall.
6. Bad Password Habits Are Rampant
The unfortunate truth that a password breach often reveals is that bad password habits are rampant. People don’t take passwords seriously, and often use their own names, birthdays, addresses, phone numbers, and other easy-to-remember-but-easy-to-guess information in passwords. The golden rule of password generation is to never use any self-identifying or company information. And, of course, never use a password more than once. Ever. No, really. Don’t reuse your passwords.
7. Hackers Know Our Weaknesses
As our security measures improve, so too do the hackers’ measures. They’re always looking for new ways to breach our security walls, and they often find them. We often don’t even know how sophisticated their methods are until a breach happens, and then it’s too late. The best we can do is take care of our own systems by practicing good password habits, spending, the necessary money on security tools, and understanding that security at an individual level means a more secure internet overall.