Password for your wifi

A password is one of the simplest and strongest ways to deliver high-strength IT security, but it’s also one which has the potential to cause great damage.

We use passwords on such a regular basis that their presence has become the norm. Logging onto your PC in the morning requires a password, unlocking your PC screen is only possible with a password and signing into your webmail needs, you guessed it, a password. In fact, such is their ubiquity, one study has estimated, on average, we use 100 passwords. And remembering all of these is difficult! Therefore, it comes as no surprise that many of us use the same password across multiple platforms. But this is one of the biggest mistakes you can make in IT.

The Dangers of Recycling Passwords

It may be quick and easy to recycle your passwords, but there are some major reasons why IT professionals advise against it:

  • Passwords need to be complex: rather than recycling passwords, some people favor site specific passwords e.g. using ‘password123gmail’ for Gmail and then ‘password123facebook’ for Facebook. While this may be enough to outwit an automated bot, a sentient threat actor will be able to easily put 2 + 2 together and uncover your strategy. As such, you need passwords which are both unique and complex.

Creating Different Passwords

As we’ve already said, creating different passwords doesn’t have to be difficult, and you don’t even have to remember them. All you have to do is:

  • Use a password generator: from Google Chrome to LastPass and on to security providers such as Norton, there is plenty of choice when it comes to using technology to generate a password. These applications take your passwords to the next level and will never suggest something as simple as Qwerty123. Instead, they will generate complex passwords which include numbers, mixed case letters and symbols.
  • Store your passwords securely: as well as acting as a password generator, many password apps also contain or link up to password managers. These secure devices store your complex passwords and take the pain out of remembering those 16-character passwords you struggle to remember. All you have to do is authorize them to fill in your login credentials each time you go to log in.

Final Thoughts

In 2023, there’s no excuse for using the same password across multiple logins. It’s a sure fire way to maximize the impact of a security breach, so you need to take the necessary steps to prevent this. Thankfully, the presence of password generators and managers mean that your passwords can instantly be upgraded and secured.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


What exactly happened when LastPass, a password manager service, found itself at the center of a data breach? And what does this mean for your passwords?

Password managers provide a convenient service, one where complex passwords can be generated instantly and then, going forward, auto-fills when requested. LastPass is a successful example of what a password manager can do, but it’s a role which comes with great responsibility. Login credentials, after all, are often the difference between gaining access and being denied access to a user account. Therefore, password managers need to be sure the credentials they hold are highly secure.

However, as LastPass users are now finding out, password managers are highly tempting to threat actors, and far from 100% secure.

How LastPass was Hacked

Used by millions of users all over the world, LastPass has established itself as one of the leading password managers. Unfortunately, this credibility has been rocked by revelations that the service’s encrypted password vaults have been stolen by hackers. The attack – which took place in August 2022 – was ambitious, and its success even more so.

LastPass’ backup copies of their users’ password vaults were stored, apparently securely, on a third-party cloud storage platform. This, in itself, is nothing unusual; storing backup copies of secure data in remote locations is good practice. Nonetheless, once third parties become involved in storing your data, you relinquish control of this data’s security. And this is exactly where LastPass has fallen victim to threat actors.

While the mechanics of the breach remain under wraps, LastPass has had to admit that personal identifiers – including addresses, phone numbers, credit card details and IP addresses – are among the stolen data. The password vaults – which are encrypted – have also been stolen, so this means the threat actors are closer to knowing your password. And, given they now have access to your personal identifiers, it makes brute force attacks easier.

What to Do if You’re a LastPass User

LastPass has been keen to stress that, although stolen, the password vaults are secure due to the encryption protecting them. However, these encrypted passwords are now in the hands of an unauthorized party and means they are seriously compromised. Therefore, it’s crucial all LastPass users take the following decisive actions:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


It’s impossible for a PC to be 100% secure, but there’s nothing to stop you strengthening the defenses of your PC.

With cyberattacks on small businesses at an all-time high, there’s never been a more important time to strengthen your PC’s security. However, as ever, budgets are a crucial factor in achieving this. Thankfully, investing thousands upon thousands of dollars isn’t your only option (although it certainly helps) as simpler solutions are available. Many of these are processes which are either overlooked or simply unknown to most PC users. But the enhanced security they offer is unarguable. Therefore, it’s time integrate these 7 quick tips to improve the security of your PC:

  1. Automatic updates: software vulnerabilities are a sure-fire way to open your IT infrastructure to the world, so it’s vital you install updates as soon as possible. Installing updates, though, is far from glamorous and this is why many PC users fail to install them when available. Luckily, it’s possible to implement automatic updates in Windows to take the pain out of this process.
  • Never write down your passwords: it may be one of the biggest sins when it comes to PC security, but PC passwords are routinely written down in every single business in the world. And it’s a practice which needs to stop. The only place passwords should ever be stored is in either your memory or a password manager.
  • Shut your PC down: when you’ve finished on your PC for the day, you should always shut it down. It may be tempting to leave it running, so that you can start straight away again the next day, but all this does is label your PC as a sitting duck for hackers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Almost all cyber-attacks are due a common denominator: a mistake. We aren’t perfect, of course, but we can limit number of IT security mistakes we make.

Working on a PC is far from straightforward and, as a result, the sheer number of complex routines you must work through leaves plenty of room for mistakes. At the same time, all a hacker needs to take control of your system is a few milliseconds. Accordingly, even the smallest security mistake can leave your PC at the mercy of a hacker. However, by understanding what the most common, and usually simplest, IT security mistakes are, you can strengthen your IT defenses almost immediately.

Start Eliminating These Mistakes Today

If you want to make sure your IT infrastructure is safe from hackers, then you need to avoid these five IT security mistakes:

  1. Not locking your screen: you may trust your work colleagues, but the fact remains that numerous people will enter your organization’s premises throughout the day. Some may be familiar, some may not. And that’s why it’s crucial you lock your screen. All you have to do is hit the Windows button and the L key; your screen will be locked with a password and the contents of your PC immediately protected.
  • Underestimating your value as a target: threat actors are malicious and, although they are certainly interested in big targets, they’re equally likely to target smaller organizations too. Additionally, many cyber-attacks are automated and don’t discriminate against who they attack. Therefore, never assume that your small business is of no concern to hackers. Remain vigilant and practice good IT security.
  • Passwords on Post-it notes: we all know that remembering passwords is difficult, but the biggest mistake you can make is by writing your password on a Post-it note. And then sticking it to your monitor. Sure, it’s convenient for you, but it’s also highly convenient for anyone looking to compromise your PC. Instead, create passwords you can easily remember, but are difficult for anyone else to crack.
  • Assuming email attachments are safe: ever since email became a mainstay of modern communications, it has carried a huge risk of delivering malware through email attachments. Most concerning of all, these infected attachments may be sent by email contacts you consider safe, it could even be your colleague sitting next to you. Threat actors can easily take control of a victim’s email address book and email malware under the guise of the victim’s email address. And that’s why you should evaluate every email you receive.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Social engineering is one of the modern menaces of online life, and this has been demonstrated by a recent malware attack on a Swedish camera firm.

Axis Communications, who manufacture network and security cameras, are the company at the centre of this recent attack. The organization announced that they had been the victims of what they described as an “IT-related intrusion” and advised that, as a result, they had temporarily closed their public-facing services online. Naturally, the attack caused great disruption to Axis; it also brought to light a number of shortfalls in cyber-security, namely the impact of social engineering.

What is Social Engineering?

Social engineering is a form of hacking which involves using various methods of deception to glean information from the victims. So, for example, an employee who receives an email, from what appears to the organization’s IT department but is from a fake email address, asking for confirmation of their login credentials is a form of social engineering. And these incidents of social engineering don’t have to take place online, simply telling someone your mother’s maiden name – a popular choice for password recovery questions – is another example.

This image has an empty alt attribute; its file name is bus-cyber-attack2-lrg-960x480.jpg

How The Axis Attack Happened

The exact details of the Axis attack are yet to be released as the company are conducting a forensic investigation intoexactly what happened. Nonetheless, they have revealed the following details:

  • Several methods of social engineering were used in order to gain access to the Axis network, these were successful despite the presence of security procedures such as multi-factor authentication.
  • Advanced hacking techniques were used by the hackers – once they had breached the network – to enhance their credentials and gain high-level access to restricted areas.
  • Internal directory services were compromised by this unauthorized access.
  • While no ransomware was detected, there was evidence that malware had been downloaded to the Axis network.

Following concerns of suspicious network activity, and the employment of IT security experts, all external connectivity to the Axis network was closed down.

How to Protect Yourself from Social Engineering

It can be difficult to tackle the highly polished social engineering methods employed by hackers, but following the practices below can make a real difference:

  • Always Think: slowing down and assessing the situation is crucial when it comes to social engineering. If someone has asked you for sensitive information, such as password details, ask yourself why the need this and what could they do with it? Internal sources – such as managers and IT departments – will never ask for this, so guard your password carefully and, to clarify the situation, speak face-to face with the person who has apparently asked for it.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

1 2 3 6