Password security 101: How to (password) protect your business from cyber threats

June 4, 2024

Weak passwords are among the leading ways cybercriminals infiltrate businesses. Many small and medium-sized enterprises (SMEs) underestimate the importance of strong password security, which often leads to financial and reputational damage.

Let's dive into the common mistakes made with passwords, the benefits of using a password manager, as well as how to implement additional security measures, such as multi-factor authentication (MFA).

By following these steps, SMEs can significantly improve their cybersecurity and (password) protect against cyber threats.

Common password mistakes and how to avoid them

Still using Password1234? Or the name of your first pet? It's time to get back to basics when it comes to password security, which means avoiding the following mistakes:

  1. Weak passwords: Using short, easily guessable passwords such as common words or names is a significant risk. Attackers often exploit these predictable choices.
  2. Password reuse: Reusing passwords across multiple platforms can lead to widespread breaches if one account is compromised.
  3. Insecure storage: Storing passwords in spreadsheets or on sticky notes can easily lead to unauthorised access.
  4. Sharing passwords: Sharing passwords indiscriminately increases the risk of credential theft.

How to improve password security

You can significantly reduce the risk of unauthorised access to your organisation's accounts by:

  1. Using long and complex passwords: Opt for passwords that are at least 12 characters long, incorporating a mix of letters, numbers, and symbols.
  2. Avoiding dictionary words: Use unique phrases or random strings of characters rather than common words.
  3. Keeping passwords confidential: Never share your passwords unless absolutely necessary and always do so securely.
  4. Storing passwords securely: Instead of spreadsheets or notes, use a password manager.
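The rules above and the reuse mistake from the earlier list can be checked mechanically. The following is an added example, not part of the original article: a small Python audit of (account, password) pairs, run locally on an export. The word list, sample entries and function names are constructed for illustration.

```python
import re
from collections import defaultdict

MIN_LENGTH = 12  # the article's minimum length
# Constructed stand-in for a real wordlist; load a larger one in practice.
COMMON_WORDS = {"password", "welcome", "summer", "qwerty", "letmein"}

def check_password(password):
    """Return the list of the article's rules that this password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 12 characters")
    classes = [r"[A-Za-z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("missing a mix of letters, numbers and symbols")
    # Undo common substitutions so "P@ssw0rd" still matches "password".
    folded = password.lower().translate(str.maketrans("@0$1!3", "aosiie"))
    if any(word in folded for word in COMMON_WORDS):
        problems.append("built on a common word")
    return problems

def audit(entries):
    """entries: (account, password) pairs. Returns {account: [problems]}.
    The report names accounts only, never the passwords themselves."""
    entries = list(entries)
    by_password = defaultdict(list)
    for account, password in entries:
        by_password[password].append(account)
    report = {}
    for account, password in entries:
        problems = check_password(password)
        others = [a for a in by_password[password] if a != account]
        if others:
            problems.append("reused on: " + ", ".join(others))
        if problems:
            report[account] = problems
    return report

# Constructed sample entries, not real credentials.
SAMPLE = [
    ("email", "Password1234"),
    ("payroll", "Password1234"),
    ("crm", "S3cure!"),
    ("bank", "vT7#qLm2&xRw9Zp!"),
]

if __name__ == "__main__":
    for account, problems in audit(SAMPLE).items():
        print(account + ": " + "; ".join(problems))
```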

Implementing a password manager across your org

To ensure your team actually adopts the use of password managers, focus on the following:

  1. Onboarding: Integrate password security training from the beginning and set up every new employee with the password manager during onboarding.
  2. Culture of security: Make using a password manager a standard practice within your organisation.
  3. Regular updates: Encourage employees to regularly update their passwords and review their stored credentials.
  4. Offboarding: Revoke access to the password manager for departing employees to maintain good security measures.

Enhance security with MFA

MFA adds an extra layer of security beyond just passwords. Here's how it complements password managers:

  1. Increased security: Even if a password is compromised, MFA provides an additional barrier.
  2. Multiple authentication methods: Use separate authenticator apps or devices for MFA to enhance security.
  3. Wide adoption: Ensure MFA is enabled on as many services as possible, especially critical systems.


By adopting a password manager and implementing MFA, SMEs can significantly reduce the risk of credential-based threats. Start today and protect your business from potential security breaches.
