Sharing is Not Caring: The Dangers of Sharing Passwords & Credentials

Passwords are the keys to our virtual kingdoms, and threat actors have become increasingly more adept at stealing, guessing, and hacking them. Unfortunately, many users still don’t follow standard safety practices – even those who should know better. A recent  survey of IT decision makers found that more than half (53%) of IT managers share passwords with colleagues by email, and 92% use the same password for multiple accounts. 

Risky password behavior can lead to astronomical costs, both financially and in terms of intellectual property and identity theft. In 2023, stolen credentials were responsible for nearly half of data breaches, with an average cost per breach of $9.48 million. In addition to the financial risks, data breaches can also compromise your data and that of your customers.  

Many of the companies represented by these statistics already use a password manager of some kind, and that number is rising. But user practices still represent a critical component of both the problem and the solution. 

5 Keys to Building a Healthy Relationship with Your Passwords

A robust, unique password is the first line of defense against these critical cybersecurity risks. To keep passwords and data safe, companies need to shore up their defenses, which includes educating team members about password best practices. Here are some of the most important ways to keep passwords safe.  

Don’t Share Passwords with Your Partner

Whether at work or at home, password sharing puts your sensitive information at risk. In addition to the obvious problem of threat actors gaining unauthorized access, shared passwords can multiply risks. Further complications arise when users share passwords on an unencrypted platform such as email, text, or a chat application, making it easy for hackers to intercept those credentials and gain access.

If you’re going to share your password with your partner, at least do it with a password manager!

Be Unpredictable

Don’t be an open book when it comes to your password choices. Passwords such as “123456” or “admin” are, unfortunately, still among the most commonly used passwords in 2023. Hackers can crack these passwords in seconds (or less), throwing the doors to your system wide open. 

Instead, the National Institute of Standards and Technology (NIST) recommends choosing an unpredictable password that is:

  • Long – Choose a password that is at least 12 characters long.
  • Complex – Don’t use easily guessed passwords like words, names, or birthdays. Instead, intersperse special characters, numbers, and symbols between letters to create complexity.
  • Unique – When a password change is required, don’t make the mistake of just tweaking a character or two but keeping the password basically the same. Choose a unique password each time.
  • Be Exclusive
    Using the same password for multiple accounts opens the door for hackers to gain access to a more secure account by breaching a less secure account. Once they have the password, they can use it to gain access to multiple sites, accounts, or networks.
  • Change It Up with MFA
    Interestingly, NIST does not recommend changing your password more than once a year unless a breach has occurred. However, the guidelines do recommend using multi-factor authentication (MFA) to add additional layers of protection. MFA uses one or more additional authentication factors to verify a user’s identity, such as a pin number, code, or biometric. Because data breaches have become so costly and frequent, many insurance companies now require MFA in order to receive coverage.
  • Share Safely
    While sharing passwords manually with coworkers is not recommended, it is possible to share safely using a password manager. A password manager allows team members to share access without revealing the actual password. 

How Password Managers Keep Your Data Safe

In addition to strong password policies, your cybersecurity program should also include a password manager to reduce risk and protect user credentials. Password managers eliminate the need for users to create and remember multiple complex passwords. Instead, the password manager generates and stores strong passwords for each account, and users access their accounts using a single master password. 

At CyberFOX, we make it easy to keep your system safe from threats using our robust, intuitive tool. Our password manager protects against theft, enables secure password sharing, and integrates the technology you already use to deliver end-to-end password safety. Contact us today to learn more!

Get the latest insights delivered to your inbox

Subscribe to identity and access management news and resources from industry experts.