Password for your wifi

A password is one of the simplest and strongest ways to deliver high-strength IT security, but it’s also one which has the potential to cause great damage.

We use passwords on such a regular basis that their presence has become the norm. Logging onto your PC in the morning requires a password, unlocking your PC screen is only possible with a password and signing into your webmail needs, you guessed it, a password. In fact, such is their ubiquity, one study has estimated, on average, we use 100 passwords. And remembering all of these is difficult! Therefore, it comes as no surprise that many of us use the same password across multiple platforms. But this is one of the biggest mistakes you can make in IT.

The Dangers of Recycling Passwords

It may be quick and easy to recycle your passwords, but there are some major reasons why IT professionals advise against it:

  • Passwords need to be complex: rather than recycling passwords, some people favor site specific passwords e.g. using ‘password123gmail’ for Gmail and then ‘password123facebook’ for Facebook. While this may be enough to outwit an automated bot, a sentient threat actor will be able to easily put 2 + 2 together and uncover your strategy. As such, you need passwords which are both unique and complex.

Creating Different Passwords

As we’ve already said, creating different passwords doesn’t have to be difficult, and you don’t even have to remember them. All you have to do is:

  • Use a password generator: from Google Chrome to LastPass and on to security providers such as Norton, there is plenty of choice when it comes to using technology to generate a password. These applications take your passwords to the next level and will never suggest something as simple as Qwerty123. Instead, they will generate complex passwords which include numbers, mixed case letters and symbols.
  • Store your passwords securely: as well as acting as a password generator, many password apps also contain or link up to password managers. These secure devices store your complex passwords and take the pain out of remembering those 16-character passwords you struggle to remember. All you have to do is authorize them to fill in your login credentials each time you go to log in.

Final Thoughts

In 2023, there’s no excuse for using the same password across multiple logins. It’s a sure fire way to maximize the impact of a security breach, so you need to take the necessary steps to prevent this. Thankfully, the presence of password generators and managers mean that your passwords can instantly be upgraded and secured.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


What exactly happened when LastPass, a password manager service, found itself at the center of a data breach? And what does this mean for your passwords?

Password managers provide a convenient service, one where complex passwords can be generated instantly and then, going forward, auto-fills when requested. LastPass is a successful example of what a password manager can do, but it’s a role which comes with great responsibility. Login credentials, after all, are often the difference between gaining access and being denied access to a user account. Therefore, password managers need to be sure the credentials they hold are highly secure.

However, as LastPass users are now finding out, password managers are highly tempting to threat actors, and far from 100% secure.

How LastPass was Hacked

Used by millions of users all over the world, LastPass has established itself as one of the leading password managers. Unfortunately, this credibility has been rocked by revelations that the service’s encrypted password vaults have been stolen by hackers. The attack – which took place in August 2022 – was ambitious, and its success even more so.

LastPass’ backup copies of their users’ password vaults were stored, apparently securely, on a third-party cloud storage platform. This, in itself, is nothing unusual; storing backup copies of secure data in remote locations is good practice. Nonetheless, once third parties become involved in storing your data, you relinquish control of this data’s security. And this is exactly where LastPass has fallen victim to threat actors.

While the mechanics of the breach remain under wraps, LastPass has had to admit that personal identifiers – including addresses, phone numbers, credit card details and IP addresses – are among the stolen data. The password vaults – which are encrypted – have also been stolen, so this means the threat actors are closer to knowing your password. And, given they now have access to your personal identifiers, it makes brute force attacks easier.

What to Do if You’re a LastPass User

LastPass has been keen to stress that, although stolen, the password vaults are secure due to the encryption protecting them. However, these encrypted passwords are now in the hands of an unauthorized party and means they are seriously compromised. Therefore, it’s crucial all LastPass users take the following decisive actions:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More