Sophos Cyber Security Awareness Tip 2: Strong Passwords
Happy Cybersecurity Awareness Month!
Throughout the month, we’re partnering with Sophos to provide bitesize cyber security guidance based on the event’s weekly themes.
Week 2 Focus: Using Strong Passwords & Password Managers
Stealing passwords remains a popular way for criminals to gain unauthorized access. Choosing a strong and complex password makes it harder for hackers to guess it.
You should also have multi-factor authentication enabled to ensure the access to your accounts and the precious data contained within them is more secure and not prone to accidental or deliberate attempts to breach them.
Consider using a password manager, as they can store, generate, and even apply your passwords. Making it easy to have different passwords for each account all the while removing the need to remember so many!
Sophos Password Cyber Security Article
To highlight password importance, this provides practical guidance on preventing threat actors from getting (and using) your passwords.
According to the Sophos Active Adversary Playbook 2021, the use of valid accounts (via a user name and password) featured in the top five techniques for initial access in breaches (MITRE ATT&CK Technique T1078).
Valid credentials feature heavily in the initial access stage, but they can also be used throughout the attack chain, including persistence, privilege escalation, and defense evasion.
Sophos How To Pick A Proper Password
This video offers useful tips about how to create a proper, secure password and explains why it’s worth it.
Sophos Cybersecurity Best Practices Toolkit
The toolkit is packed with useful resources to help you optimize your protection and stay one step ahead of the criminals. We hope you find these resources both informative and useful!
