Many people use the same or similar password for most websites, including for their company’s web platforms and remote access. It’s human nature, but also a major problem. Hackers have compiled a database of over 2.2 billion records of login credentials – user names, email addresses and passwords — and are sharing these stolen credentials online. So even if a company has complex password requirements, and requires users to change their complex passwords often, hackers can still use this database of billions of exposed passwords to infiltrate other systems.
“While your company’s systems may not have been breached, it is possible that your employees’ passwords have been,” says Justin Cohen, a partner in the Dallas office of Thompson & Knight. “If you have employees that have created online accounts with Facebook, Marriott, eBay, LinkedIn, Yahoo!, Orbitz or any number of other websites or systems, it’s likely that your employees’ passwords have also been exposed.”
To address this problem, Google has launched a new extension to its Chrome browser to alert users if a password has been exposed. But for many, that may not be enough to address the risk of exposed credentials.
“Companies should encourage employees to use a password management tool, such as Keeper, LastPass, or 1Password,” says Cohen. “These tools store your credentials for various websites, apps, and portals so you don’t have to memorize each one.” He says these tools can also test a password’s strength, and give a score on password security and also help change individual passwords.
For more information, contact Barry Pound at 800-559-4534 or firstname.lastname@example.org.