Why Passwords Still Matter


Passwords are a fundamental aspect of cybersecurity, and whilst for now, passwords are here to stay, it is unlikely most organisations can go fully password-less.

As highlighted in our previous blog regarding How Multi-factor Authentication (MFA) Can be Breached, MFA simply isn’t enough of a security measure to then forget about the importance of password security and weak, default or breached passwords.

Weak, default or breached passwords are one of the biggest threats to a user and/or business. Account compromises usually start with the threat actor discovering a user’s credentials from dictionary attacks to password spraying. Once the threat actor has obtained a password, they will then move their focus on compromising MFA. Once they overcome these lines of defence, they will then conduct lateral movements across a trusted environment to access valuable assets such as sensitive data, and may proceed to harvest, encrypt, and/or delete that data.

A weak password dramatically increases the chances of the threat actor ultimately breaching accounts. Strong passwords offer no protection if that password has already been compromised. There are several legitimate websites which you can search to see if your password has been compromised and leaked online. However, the simple rule of thumb is to avoid using weak or default passwords for accessing multiple systems and to enforce a strong password policy and ensure regular password changes.

MFA is then the additional layer of security it’s intended to be.

 


Hidden Risks You Might Be Ignoring

21 May 2025

In this month’s IT Bulletin, we’re shedding light on the cybersecurity threats that often go unnoticed — but can have serious consequences for businesses of any size.

How to Simplify Configuration for your Engineering Software

20 May 2025

In this blog, we’ll look at some common challenges teams face when configuring engineering software and share practical tips on how to simplify the process. We’ll also explain how Symetri’s solutions can help you optimise your software setup, reduce errors, and keep your projects running smoothly.

4 ways to optimise your construction projects in the cloud

19 May 2025

Managing a growing number of Autodesk BIM 360 or Autodesk Construction Cloud (ACC) projects can quickly become overwhelming - especially when it comes to project setup, user management, and data backups. With the right tools, you can eliminate manual inefficiencies, boost productivity, and focus on more strategic initiatives. If your team works with BIM 360 or ACC, this blog focuses on four powerful ways Naviate Cloud Manager can streamline your operations.