In the 1983 movie WarGames, Matthew Broderick’s character hacks into a powerful military supercomputer by correctly guessing a single password. Computers, hackers and cyber security have come a long way since the WarGames days. Now, savvy organizations use a combination of strong passwords and multi-factor authentication to secure sensitive data and processes.
Think of your early passwords. Perhaps you used a pet’s name or your last name, followed by the month and year of your birth. (Perhaps you still use those passwords. If you do, change them. Now.)
Then, experts told users to add a mix of uppercase and lowercase characters, numbers, and special characters. Your password changed to Snoopy42#, and some services forced you to choose a new password every 90 days. As a result, you cycled through the same five passwords, occasionally changing the number.
Then, in 2017, the National Institute of Science and Technology (NIST) released updated password guidelines. These guidelines emphasize password length over complexity. Specifically, they advocate using passphrases instead of passwords (for instance, SnoopyLove$P3anuts). And they no longer advise frequent password changes.
While the new guidelines help, passwords remain a problem. The average user needs to remember dozens, if not hundreds, of passwords. As a result, users develop bad habits, such as reusing passwords or writing them down. Additionally, when a hacker learns a password through phishing or keylogging, the complexity of the password makes no difference.
Consequently, organizations increasingly turn to a combination of passwords and multi-factor authentication to keep the business and its data safe. Multi-factor authentication, sometimes referred to as two-factor identification, adds a layer of security by requiring multiple pieces of evidence to prove identity. This typically includes at least two of the following:
For example, when banking on a new computer, you might have to enter a code sent to your cell phone, in addition to your login and password.
Recent studies indicate that use of multi-factor authentication has nearly doubled since 2017. While that research demonstrates a positive trend, additional studies show that small businesses have been slow to adopt multi-factor authentication.
Some users resist the added steps required to access necessary applications and networks. Additionally, multi-factor authentication solutions can prove complex and costly to implement.
However, organizations can no longer afford to choose convenience over security. Hackers see small to medium businesses as prime targets for attack. And companies can easily spend many times more recovering from an attack than they spend deploying multi-factor authentication.
Fortunately, multi-factor authentication offers a number of benefits to small businesses. Most important, it brings an extra layer of protection to critical assets. This added security strengthens regulatory compliance. Additionally, it demonstrates to customers that the business places a priority on the security of sensitive data.
Make the commitment now to secure sensitive data for your business and your customers with a layered solution that includes both passwords and multi-factor authentication. With decades of experience customizing cyber security solutions for businesses of all sizes, eMazzanti will help you find the right solution that balances security with usability.
Think of all the devices accessing your network, from laptops and PCs to tablets and…
Penetration testing, the process of simulating cyberattacks to identify vulnerabilities, plays an essential role in…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. Is your organization trying to…
Migrating to the cloud delivers undeniable business benefits. But it also opens the door to…
Carl Mazzanti is the president of eMazzanti Technologies in Hoboken. One of our clients —…
With the new Microsoft Planner joining the Microsoft 365 universe this year, users are taking…