X

7 Passwords You Should Never Use at Your Small Business

Owning a small business means owning data. You’re constantly acquiring new information related to your customers, your financial details, and all the vendors and contractors with whom you work.  One cyber criminal, though, one lucky hack, and you’ve just exposed your business to a major blow. From lost trust among your clients to costly lawsuits for the damage done, protecting your company from data theft is among your most important responsibilities.

A lot of it comes down to one simple choice you make: passwords.

“Overall, passwords still present the biggest challenge for businesses of all sizes,” said Ron Schlecht, founder and managing partner of BTB Security. Businesses hire Schlecht’s company to test their digital security for weak spots and, he said, “you can’t imagine how many times we still break in to companies because of a bad password.”

If you want to avoid weak passwords at your business, start by steering clear of the following list. Read on for seven passwords you should never (ever) use.

Password

Arguably, this is the number-one and most common bad choice. Also prevalent are variations such as P@ssword and P@55w0rd!. These might be easy to remember, but they’re also among the first options hackers will try.

QWERTY

Easy-to-guess passwords often take root because they’re simple to remember. That’s the story with this hacker-friendly option constructed from the sequence of letters at the top left of the typical computer keyboard.

12345

Or, 98765. Or, 4567. You get the picture — no consecutive numbers (and the same goes for sequential letter combinations). You can only count on passwords such as these to expose your business to digital theft.

BusinessName1

If your shop is called Serafina’s Weddings, don’t set your password as SerafinasWeddings1. That would be a early choice for hackers looking to break into your valuable data.

Business Address

Skip it entirely, when it comes to passwords. Also avoid trying to mash together similar details, such as your street name and street number — i.e. Main215. 

Date of Birth

Thanks to the Internet, it doesn’t take much effort to find a person’s DOB. Birthdays, birthdates, years of birth — all of them make for readily attainable passwords and are poor choices for your company.

Simple Dictionary Words

Especially if they’re related to your business, don’t use them. No baseball, football, or soccer for your sporting goods store. No muffler, tire, or spark plug for your auto garage.

 And so, what should you do when it comes to picking a password?

A key approach starts with thinking of a passphrase. Next, substitute letters, characters, and abbreviations for parts of it. For example, my first car was a Honda in 1990 would be easy enough to remember, if that was the case in your life. Now, change it to my1stc@r=honda90.

Steer clear of the not so magnificent seven above, and protect your data with hard-to-guess constructions. With a strong password strategy, you’re well on your way to foiling online attacks.

Next Steps:  Are you looking to expand and grow your small business but don’t have time to keep up with the latest trends and technology? We’ve got you covered with the weekly Small Biz Ahead newsletter. Sign up today and start receiving the weekly newsletter chock full of the latest tools and resources to help you run a successful business.

Small Biz Ahead:

View Comments (77)

  • I am looking at some of the comments below and wow!! Never use a street address or any combination password that if found on 2 sites could easily access your other sites. Invest in a Password manager that makes sense to you and your company. I have 2 favorites. One that will ask for MFA before it's password. The other only stays on company computers and never leaves the environment (If you have the correct cybersecurity in place).

  • Great article! The list of "7 Risky Passwords" was an eye-opener. Simple, yet crucial tips for enhancing password security. Kudos for the reminder to stay vigilant in the digital age!

  • The best solution is to use a password manager. That way, you only need to remember one password: the password for access to the password manager. A good password manager will create randomly generated super safe passwords for all other websites you visit that require passwords. So just come up with a single great password for your password generator and after that, the problem is solved.

  • What role does the login user name play on hacking attempts? I do not hear much discussion in this topic. I use odd login user names and am wondering if that helps defeat hackers. Thanks.

  • The problem with using safe passwords is of course remembering them. If you write them down then that's another risk............
    Recently I had money stolen from my business accounts, was a nightmare getting that straightened out. The thieves used VENMO, CASHAP and my debit cards which were in my possession!? Had to open all new accounts and that in itself has been a whole other nightmare. Companies like QuickBooks which is just a canned computer program got suspicious when I had to change the bank account number; and at the same time decided to update my address and mailing address since I'm semi retired.

  • If you have to share your password with staff then you have to use your business name / street name etc. in the password. Please suggest what kind password should be used?

  • Best advice I ever heard from an IT guy, was to use a pattern on the keyboard along with the first letter of the website your logging into. I've been using this now for over 10 years. By using a pattern you establish by leaving the first letter of the website makes a different password for every site but easy to remember. It doesn't always work for the new restrictions some websites require things like there must be 10 characters and include special characters, but if you automatically add something you always will use in the arrangement like an asterisk and set of numbers, it can still work well and be easy to remember.

Related Post