Passwords

Malware and antivirus software

Passwords

Passwords

Passwords are one of the most basic security measures, yet, with their growing number and complexity, it is becoming challenging to manage and use them safely. That is why additional protective solutions such as two-factor authentication are necessary to strengthen the password’s function.

Passwords

Passwords are one of the most basic security measures, yet, with their growing number and complexity, it is becoming challenging to manage and use them safely. That is why additional protective solutions such as two-factor authentication are necessary to strengthen the password’s function.

Reading time icon

5 min read

Reading time icon

5 min read

Why should SMBs care about passwords?

According to Verizon’s 2017 Data Breach Investigation Report, as many as 81% of data breaches are caused by weak or stolen passwords. Given that more than 5 billion passwords have been leaked online, basic password protection is being rendered ineffective.

And if you think that your organization doesn't have anything to interest cybercriminals, think again. SMBs are the sweet spot for cybercriminals, as they have more valuable data and assets than consumers, yet are more vulnerable than enterprises, which have larger security budgets.

Passwords image

How do attackers steal passwords?

1. Simple, real-world techniques include shoulder surfing with attackers observing potential victims when they type their passwords.

2. Attackers also manipulate the “human weakness” of their victims via social engineering. A professionally-crafted online form or an email (phishing attack) apparently from a trustworthy sender can persuade even well-trained users to divulge their passwords.

3. Cybercriminals with foothold in organization’s network can use malware to search fordocuments containing passwords or log password keystrokes and send this information to their C&C server. Black hats can also extract encrypted password files and crack them offline.

4. More demanding attack techniques include intercepting the network traffic of employee devices that are used remotely or in a public place.

5. One of the most popular ways to break password protection is to brute force them. Automated scripts try millions of password combinations over a short period of time until the correct one is found. This is why it has become necessary for passwords to become longer over the years. The more complex the password is, the more time cybercriminals need to guess it.

Passwords image

How to build a good password policy?

To ensure your organization has an effective password policy it’s advisable to follow specific procedures:

What else can your organization do to protect its passwords?

To better protect the passwords of your organization's employees, use of two-factor authentication (2FA) is recommended. This verifies the account holder’s identity with a one-time passcode – something the user has – in addition to the username and password – something the user knows – thus protecting access to company systems even in cases where the credentials are leaked or stolen. 

As SMS and mobile devices are frequently subject to malware attacks, modern 2FA solutions refrain from using SMS verification and instead opt for push notifications, as they are more secure as well as user-friendly. To further increase the security of the authentication process, organizations can add biometry – something the user is – by implementing multi-factor authentication (MFA). 

ESET’s powerful 2FA protects passwords

ESET Secure Authentication card image

Single-tap, mobile-based authentication provides help in securing your data in a hassle-free way in addition to meeting required compliances. It employs user-friendly push notifications for both Android and iOS, has an easy management, and fast roll-out within 10 minutes. Try now and see how it works.

Why ESET?

ESET has over 25 years' experience of helping people to Enjoy Safer Technology. Our software is light on hardware, but hard on malware.

Our Technology

ESET’s award-winning NOD32® Antivirus technology is at the cutting edge of digital security. It’s updated daily to keep you secure.

Free Support

Enjoy your free, industry-leading customer support locally. For technical, sales and marketing enquires dial (852) 2893 8186.