Wen you are a personal user using personal things, this could still be a big problem. This is because using the same passwords could lead to your accounts being taken over and nothing that the company can do.
The number of employees or annual revenue may classify your business as “small,” but in today’s digital landscape, organizations of all sizes handle valuable and sensitive information that cybercriminals want to get their hands on. Hackers seek easy targets to steal customer data, financial records, and intellectual property for monetary and material gain – and password reuse makes for easy targets. When your employees reuse passwords, cybercriminals view your small business as an attractive target with a high rate of return on their efforts. Small businesses may have more limited IT resources than large corporations, but understanding and addressing password reuse is feasible and will reduce the risk of data breaches and financial loss.
Even though I am a personal user in most cases, I do run a small business. But this gives me no reason to be complacent in my security. I must be aware that if it can happen o me as a person, it could happen to me, as a business as well.
The human psychology of password reuse
We know that humans are not good at remembering long, complex passwords. But this can work both ways. If you use a password that may not be recommended today because its something you remember, if you ever go to the work place and find you can’t use that password, you will be completely lost. For an example of some of the dumbest passwords, here’s that blog post leading to Kim Komando who talks about this.
We talked about this some during Throwback Saturday Night for the 27th, here’s the page to get those podcasts. Make sure you jump to hour 2 by going 1 hour in.
While we don’t know about what happened in the password being used to allow source code and others to get out of Git Hub, this is only one blog post talking about mistakes on why passwords are so important to keep under lock and key.
And, while I’m at it for human psychology, I mise well highlight why one article seems to be contradictory.
Lastpass writes:
Human memory is not optimized to remember long, random strings of characters. Our brains feel much more comfortable with familiar words, names, and patterns we can easily recall. Plus, with an explosion in the number of online accounts we have to keep track of at home and in the workplace, reusing the same password is much less mentally taxing. Password reuse is more convenient and reduces the overall cognitive load.
I understand. And that is why there are ways to deal with this including password managers and pass phraises which you would change to meet your needs.
Some employees may lack awareness of the potential effects of weak password practices. If they have yet to experience negative consequences, they may be apathetic toward password security or overly confident in their cyber savviness. Nearly 80% claim their cybersecurity education – whether formal or informal – is adequate. Plus, humans are creatures of habit, and some people may resist adopting new security practices when it feels too challenging or disruptive.
This is why the people who run the company don’t give new employees the opportunity to choose a password, you choose one, you use the password manager and have their credentials they need in it.
This is going to be this week’s topic, and The Perils of Employee Password Reuse is the article linked for everyone to read.
Put your thinking caps on, let’s come to discuss this one this week. Thanks for reading, make it a great day!
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.