Let’s travel together.

Phishing Dominates the Headlines, But the Real Story in Cybersecurity is Passwords and How to Better Train and Educate People

Password creation and management best practices are a core focus of Drip7, a national cybersecurity training platform. People should avoid popular strings of words

“Each person today manages hundreds of passwords and the LastPass cyber breach only added to people’s fear of password managers, wondering if they’re safe. The answer is yes,” said Heather Stratford, CEO/Founder, Drip7. “All types are encrypted. You’re safer and better off using a password manager.”

With Cyber Security Awareness Month approaching in October, the importance of staying safe and best practices for companies and individuals will fill the headlines. But talk is cheap. As a society, we are horrible when it comes to password hygiene. The password “123456” is still used by 23 million account holders [[i]], while simultaneously, 90% of internet users are worried about getting their passwords hacked.[[ii]] It seems obvious most password users are missing something.

People continue to ignore cybersecurity experts’ advice to reduce their risk of a cyber breach by using a password manager and better passwords. 57% of people who have already been scammed in phishing attacks still haven’t changed their passwords. [[iii]] Anytime your password has been compromised or your account hacked, your password needs to be reset. The recent hack of LastPass, one of the world’s largest password managers with 25 million users [[iv]], has only added to people’s overall fear around password managers.

Heather Stratford, founder and CEO of Drip7 a national cybersecurity training platform explains, “There are 3 different kinds of password managers – Browser-based, Cloud-based, and Desktop-based. All types of password managers are encrypted, and all are safer than writing passwords on a post-it note.” The problem isn’t just where passwords are stored but that people reuse passwords. 71% of accounts are protected by passwords used on multiple websites [[v]] and on average a single password is used to access five accounts [[vi]].

Presently, most people feel that they have too many passwords to remember, and that is why the real story in cybersecurity is to train and better educate people on how to create and manage passwords. Stratford continues to say, “Each person has to create and remember hundreds of individual passwords. This is an essential part of living in 2022 and the LastPass cyber breach made people wonder if password managers are safe. The answer is yes. They are safe. It’s vital for every company to get a handle on passwords, as every person and every company is under attack. Choose a password manager and then create a very secure master password.”

When it comes to managing passwords, a well-chosen password manager is going to allow users to use long, complex, and unique passwords for their accounts without the stress of remembering each one. This eliminates the habit of just changing or adding one letter or number to an existing password — which 3 out of 4 people do [[vii]] and that is a huge security risk.

Risk reduction with password training is an essential part of any cybersecurity program. Passwords must be a core focus. When resetting your passwords, here are some basic steps to follow.

  • Make them long, the longer the better.
  • Make the complex, use upper- and lower-case letters, numbers and symbols.
  • Do not repeat or reuse passwords.
  • Do not use personal information that could be gathered from social media or online databases.
  • Use a unique password on each account

Drip7 takes a new approach to training employees on the fundamentals of password creation and management by using modern techniques such as gamification and microlearning. This leads to employers seeing changed behavior in their employees and reducing their potential risk of an attack.

Press Kit: HERE

About Drip7 Drip7 is a leading innovator in the field of cybersecurity awareness training and beyond with their easy-to-use, mobile-based platform utilizing microlearning and gamification to increase employee engagement and create behavior change. Drip7 combines the right science and content to produce a superior training platform, from one question or “drip” a day, to allowing employees to train when and where they want to on their phone or computer, to engaging users through an interactive dashboard with rewards and badges. Included training is focused on cybersecurity and compliance; however, the platform can be customized by a company for any training need.For more information, please visit https://drip7.com/.

[[i]] National Cyber Security Centre

[[ii]] Avant

[[iii]] First Contact

[[iv]] Forbes

[[v]] Lawless Research, TeleSign

[[vi]] Ponemon Institute

[[vii]] Entrepreneur

Share article on social media or email:

Comments are closed.