In today’s digital age, focusing on password management is crucial to safeguarding personal and professional data against identity theft or hacks against your business. In addition to password management solutions, many businesses are turning to additional security measures such as biometric scanning to protect their corporate devices.
In order to successfully manage your passwords and keep up with the latest developments in device security, follow these six tips.
1. Keep Your Passwords Unique
For stronger security practices, you must keep all your passwords unique. Repeating passwords between applications and websites means if one application is compromised, other accounts where that password is used are vulnerable as well.
The 2017 Credential Spill Report by Shape Security shows that more than 3 billion credentials were reported stolen in 2016. Further, Shape noted that testing stolen credentials (known in the security world as a credential stuffing attack) generated more than 90 percent of login traffic on many of the world’s largest websites and mobile applications.
2. Change Your Passwords on a Regular Basis
Having unique passwords doesn’t mean you get out of changing them on a regular basis, because it’s security mitigation that any user can perform for themselves. Most enterprise IT departments have policies for employees to change passwords, and enterprise and SaaS applications often have a similar requirements for users. Changing user passwords regularly is part of many corporate compliance programs. It’s also a best practice to change passwords after a known security breach.
When you don’t have corporate policies nudging you to change your passwords, consider using the end of the year or another calendar event as a time to change your important personal passwords.
3. Skip Paper for Your Passwords
It’s easy enough to write down your passwords and keep them in a paper notebook, or worse, on a sticky note on your cubicle wall. But keeping passwords in plain sight is an invitation for the wrong people to learn them. You should also skip using your battered college dictionary for coming up with passwords; there’s password cracking software available that can run through dictionary lists in little time.
Implementing a software management solution limits the number of people who have access to your passwords, decreasing the risk of discovery.
4. Replace Your Passwords with Biometrics
Samsung Pass is a solution for storing, managing and securing your personal and corporate passwords on your smartphone. But unlike other password management solutions, Samsung Pass allows you to replace your IDs and passwords with your biometrics. People forget passwords, but they can’t forget their biometrics. Moving to a solution like Samsung Pass alleviates the need to follow the above steps, because the solution does the work for you.
5. Use Two-Factor Authentication for Added Security
Two-factor authentication (2FA) requires not only one password, but another authentication factor to verify the identity of a user. A standard 2FA method is to text a passcode to the user’s smartphone. Some programs allow you to use biometric authentication as part of your 2FA.
Biometric scanning is the ultimate unique identifier for securing your personal or corporate mobile device. Because only one person can use the iris scanner, it decreases the number of people who can access your phone; it can recognize you even if you’re wearing glasses or contact lenses. Since its quick and easy, it also enhances the user experience while strengthening security, offering a more seamless solution to 2FA mobile security.
Iris information on devices with Samsung Pass is digitized and saved in a Knox TrustZone as an encryption code. While there are some reports of fake fingerprints fooling biometric scanners, you’ll have a hard time fooling iris scanning outside of “Mission Impossible.” The iris scanning technology in today’s scanners can sense the difference between a human eye and an artificial eye, making it a very difficult biometric to duplicate.
6. Educate Yourself on the Corporate BYOD Program
Password policies are also part of many corporate BYOD programs. Your employer could use an enterprise mobility management (EMM) solution to set the following policies:
- Lock screen password to protect the physical security of the device
- Password protection over any corporate-mandated secure containers on the device
- Encryption to protect corporate data residing on the device
- Encryption over any corporate online communications from the device
If you don’t like the password policies, look for ways to participate in your corporate BYOD initiative to serve as the voice of the business user. Attend any training your company offers so you know and understand the password policies. You can also consider offering constructive feedback through proper channels about how password policies are affecting your work and personal device use for better and worse.
Password Management and You
Password security is an individual responsibility — both at work and at home. If you are proactive and use a password management solution with biometric authentication, you’ll be better prepared against potential attacks against your personal and corporate data.
Learn about how the Galaxy S8 uses Samsung Pass to help you enhance security on your personal and business devices.