Password Security Problems for Los Angeles Distributors

Henry Ngo | Sep 17, 2015

Password Security Problems for Los Angeles DistributorsDid you know? Human beings are not designed to remember more than about seven things at once. One password for Los Angeles distributors with eight or more characters is already a challenge.

Managing several different passwords for an inventory management system, an email account, and a corporate banking application can be an enormous challenge. This is where the following problems with password security start.

Forgot your Password?

Forgetting a password is an occupational hazard in any business. The problem is in getting it back. For many Los Angeles distributors, this means user downtime and IT department effort. That is a waste of resources all-round.

Password too Short

Short passwords are easier to remember. However, they are also easier to hack. Password hacking tools on ordinary PCs can check out billions of possibilities per second. If your password only has four characters, it is game-over very, very fast.

Password too Obvious

So we’ll make it longer and harder to hack. However, we’ll also make it easy to remember, for example, ‘serendipity’. Unfortunately, serendipity is a word in the dictionary and hacker software zips through all dictionary words almost as fast as the four-character combinations mentioned above.

Password Security Question too Obvious

A variation on the previous theme, your password may be difficult to guess, but this will not help you if the answers to your security questions (for when you forget your password) are evident. For example, your date or place of birth is often easy for a hacker to find out.

The Sticky Note Security Hole

Don’t laugh. It is probably going on in your company right now. People write their hard-to-hack password on a sticky note and put it on the side of their screen or under their keyboard. Then they can always find it again. And so can anyone else.

Same Password, Multiple Apps

To economize on brain power, you may be tempted to use the same password for your accounting app login and your HR system login. Or worse still, for your personal Facebook account too. This gives hackers lots of additional ‘attack vectors’ to get that one key that now unlocks so many doors.

Passwords that are Shared

Your colleague needs to get into the sales system right now to clinch a big order from a reseller. He has forgotten his password. He asks you for yours. Unfortunately, he will not be able to “give it back to you”. Such a password has now entered the Twilight Zone, and anything can (and frequently does) happen to it.

Passwords that are Ancient

To prevent hackers guessing your password over time, you should change it. To change it to another hard-to-hack password, you’ll have to make a new effort to remember it. Many people cannot face the prospect and hang onto the old one for years and years.

Passwords in Clear Text

Did you think passwords in systems were always held and communicated in encrypted versions? Watch out for phenomena like the Internet of Things, gathering data from your picking and packing operations or your transport fleet, for instance. Password encryption sometimes gets forgotten in the excitement.

Just Helping “Someone from Support”

This is the hacker’s secret weapon. He or she will masquerade as somebody from support or a service provider, and phone a user to ask for a login and password ‘to run a test’. This social engineering is very simple and very effective.

 

What other password security problems have you encountered? Share your experience and any tips you would give on improving password confidentiality, with a few words in the Comments section below.

 

And to follow-through on the tips introduced in this short article, be sure to download your free guide, How COOs at Los Angeles Distributors and Manufacturers Get More Done: A Guide to Productivity, Data, Staffing, Delegation, and Making It Home for Dinner Most Nights.

 

New Call-to-action

Author

Henry Ngo

Henry Ngo

In addition to his day to day NOC duties, as one of FPA's bloggers, Henry develops value based blog content sharing his technical expertise with our clients and friends. Henry addresses topical issues in real and meaningful ways communicating technical concepts in an easily digestible way.

Comments