Looking for the Best Computer Services in Buffalo? Call: (716) 206-3200

Your employees were hired because they are the best in the business — but someone trained in public relations or design may not be aware of the way that their day-to-day choices can affect their company’s security. It’s important to ensure your employees are educated on security threats, including phishing attacks, spearphishing, and social engineering tactics that ask your employees to perform familiar actions in order to gain access to your company’s data.

One common source of cybersecurity weakness is weak passwords that are easy to hack, or even to guess. Read on to learn the top five ways to ensure the passwords your employees use are very challenging to crack.

1. Use longer, more complex passwords

Many passwords are now required to be a specific length and include both uppercase and lowercase letters, numbers, and special characters. However, some systems still don’t require passwords of this complexity.

How to fix it –

Require your employees to use passwords that are at least eight characters in length and that meet all of the requirements above.

2. Use unique passwords

Memorizing passwords can be challenging, so it’s no wonder that many employees will use the same password or a few passwords for multiple accounts. Unfortunately, this means that a hacker can gain access to a site with very little security and use the password there to gain access to sites that would otherwise be inaccessible to them. It’s also common to use passwords that are near-identical but for one, capitalized letter or misplaced number. These are also very easy to guess if the hacker gains access to the original password.

How to fix it –

Remind your employees to use a password that significantly differs from passwords they’ve used before.

3. Avoid password walking

Password walking is using seemingly random arrangements of letters or numbers that are, in fact, simply next to one another on the keyboard, such as asdf or nm,./. Unfortunately, these are not the strong unique passwords they seem at first. Hackers are very familiar with this method, making these passwords easy to guess.

How to fix it –

You may be able to introduce a line of code that makes such passwords impossible to choose. If not, awareness of the vulnerability of such passwords will go far.

4. Eliminate the most familiar password patterns

Let’s say that you and your employees have avoided all these fundamental errors. A 2013 study of a Fortune 500 company found that 50% of all employees followed a few, predictable patterns in their passwords, most of which could easily be adapted to accommodate their name and some year with particular significance to them. Especially common patterns included one upper-case letter, followed by five or six lower-case letters and two digits — likely a last name and the last two digits of a year; and one upper-case letter, followed by three lower-case letters, and four digits, likely a shorter word coupled with a full, four-digit year. By coupling names and years, those who choose passwords hope to make them easier to remember. Unfortunately, this also makes them simple to hack.

How to fix it –

In order to create strong unique passwords, make sure your employees don’t group all numbers or all letters together: this helps to ensure that the password doesn’t convey an easily-guessable concept, or a clear name-date combination as the patterns above so often do.

5. Use emotion-neutral passwords

Many individuals choose a password they will remember because it elicits strong emotion: one of the most common examples is iloveyou. Other emotionally-resonant choices include favorite fandoms, sports teams, or characters. These are easy to guess because many are beloved by the public: Superman is a very popular choice. Additionally, there may be public information about your employees’ preferences and hobbies available on their social media accounts.

How to fix it –

Let your employees know to avoid passwords that reflect on their hobbies and passwords that have emotional resonance.


Remember, your company’s cybersecurity is only as strong as its weakest link. Ensure that your employees can confidently spot cybersecurity attacks and avoid common cybersecurity mistakes by getting them the best training available! Call (716) 206-3200 to talk to a cybersecurity training expert in Buffalo NY or visit buffalocomputerhelp.com to learn more.

Business Needs Reliable Outcomes. They Also Need Reliable I.T. Services.

We Can Help.

BOOK YOUR COMPLIMENTARY CONSULTATION TODAY