Passwords are a fundamental aspect of cybersecurity, and whilst for now, passwords are here to stay, it is unlikely most organisations can go fully password-less.
As highlighted in our previous blog regarding How Multi-factor Authentication (MFA) Can be Breached, MFA simply isn’t enough of a security measure to then forget about the importance of password security and weak, default or breached passwords.
Weak, default or breached passwords are one of the biggest threats to a user and/or business. Account compromises usually start with the threat actor discovering a user’s credentials from dictionary attacks to password spraying. Once the threat actor has obtained a password, they will then move their focus on compromising MFA. Once they overcome these lines of defence, they will then conduct lateral movements across a trusted environment to access valuable assets such as sensitive data, and may proceed to harvest, encrypt, and/or delete that data.
A weak password dramatically increases the chances of the threat actor ultimately breaching accounts. Strong passwords offer no protection if that password has already been compromised. There are several legitimate websites which you can search to see if your password has been compromised and leaked online. However, the simple rule of thumb is to avoid using weak or default passwords for accessing multiple systems and to enforce a strong password policy and ensure regular password changes.
MFA is then the additional layer of security it’s intended to be.
At Symetri, we understand the importance of tailored education and deliver exceptional training solutions, available both in our classrooms or through our unique Virtual Classroom. Here, we explore the many advantages of committing to a learning path with Symetri and how it can transform both personal and professional growth.
As businesses continue to rely on digital tools and internet connectivity, cyber risks remain a constant concern. This month, we're exploring three important topics: the hidden risks of public Wi-Fi, the importance of regular IT audits, and QR code security. These insights will help you stay secure and ensure your business IT infrastructure remains resilient.
As we enter the new year, it's crucial to stay informed about the latest tools and strategies to safeguard your digital life and optimise productivity. This month, we're focusing on three essential topics to help you strengthen cybersecurity practices and make the most of your technology. Learn how password managers can protect your sensitive information, understand the rising threat of malvertising and how to avoid it, and explore smart Windows 11 settings designed to boost efficiency in your daily tasks. These insights are designed to empower you with practical tips to stay secure and work smarter in 2025.