David Speaks: Passwords and Multifactor Authentication

COVID-19 has not slowed us down when it comes to spreading the word about the importance of Cyber Security.

Today, David was joined by Matthew See, WatchGuard’s Manager of Sales Engineering – APAC, hosting a webinar in conjunction with the College of Law's Centre for Legal Innovation, focusing on Passwords and Multifactor Authentication.

The webinar stressed the importance of keeping your login credentials safe, at least 7.9 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive information, have been exposed through data breaches since 2019, making the security of your credentials more important than ever.  To add to this 31% of data breach victims later have their identity stolen.

A worrying 33% of people use the same password every time, prompting David to urge webinar participants to ensure they use long and complex passwords and enlist the help of a password management tool such as LastPass, Dashlane, Roboform and Keeper to create and remember unique 128-character passwords for every login they had.

Matthew covered off Multifactor Authentication (MFA), MFA allows you to securely access assets, accounts and information, authenticating straight from your mobile phone giving you an added layer of security, even if your username and password are compromised. By generating codes and push notifications WatchGuard’s AuthPoint Multifactor authentication tool is FortiTech’s favourite MFA tool and works with all QR Code based authentication.

Special Offer

To aid with Remote Worker Security, particularly in the current climate, WatchGuard are offering 120 days of free use (for up to 250 users) of their AuthPoint Multifactor Authentication App and DNSWatchGo Web and DNS Filtering Tool. Additionally, WatchGuard are offering 120 days free for their Firebox V cloud firewall.  If you would like to take up any of these offers, simply give us a call on 1300 778 078.

Key Takeouts

  • Use a unique password for every login you have
  • Use Multifactor Authentication where available, but avoid any MFA that uses text message, as they can be intercepted
  • Use a Password Manager to keep passwords as long and complex as possible, plus, it means you don't have to remember them - we aren't all Rain Man
  • Business class Password Managers enable one person to control the password to an account, and then provide access to other users without sharing the actual password. This is great for businesses with additional security needs or those wanting an easier on-boarding and off-boarding process
  • Visit https://haveibeenpwned.com to check if you have already been hacked
  • https://howsecureismypassword.net/ lets you find out how secure your passwords are.

David's cyber security series for 2020 continues in May with a webinar on Mobile device protection, here is a little teaser of the session:

A laptop is stolen every 53 seconds and 70 million smartphones are lost every year. So how do you protect your data when staff are working from home or “on the move”?

In the May Cybersecurity Monthly Tip Meetup you will learn:

  • What do I do when I lose a device?
  • Using Microsoft 365 Business Premium to protect your business data
  • Practical tips on implementing mobile security

If you aren’t already a member of the Legalpreneurs Lab, why not check out their membership page here, you don’t have to be in the legal industry to join: https://www.cli.collaw.com/legalpreneurs-lab