Secure Our World Hero Image

Require Strong Passwords

Enforcing a password manager protects your business.

Strong Passwords Mean Safer Business Accounts

Small to medium businesses are a regular target for malicious hackers and a common entry point for digital thieves is stolen or weak passwords. 

But the good news is, you can keep your business safe by requiring employees to use strong passwords and password managers.

Set the example by using long, random, unique passwords on all your personal and business accounts—and use a password manager to remember them! Then work with your IT staff or provider to require employees to use strong passwords to access your systems. This will keep your data safe and protected.

Encourage Strong Passwords in the Workplace

Create a safer workplace by establishing smart employee password practices.

1. Require strong, unique passwords.

Keep your networks secure by enforcing strong password policies. Strong passwords are:

  • Long—at least 16 characters long (even longer is better).
  • Random—like a string of mixed-case letters, numbers and symbols (the strongest!) or a passphrase of 5 –7 random words.
  • Unique—used for one and only one account.

Speak with your IT department or security manager to require strong passwords. Often, you can create user settings that require that passwords meet certain standards and criteria (such as requiring capital and lower-case letters, numbers and symbols).

2. Provide an enterprise-level password manager for your employees.

An enterprise password manager can be a good step to increase security for a smaller company. A good password manager creates, stores and fills in passwords automatically so you only have to remember one strong password—for the password manager itself.

Providing a company password manager will make it easier for your employees to use strong passwords and protect themselves, your business and your customers.

As you grow, you will probably want to move to an identity and access manager (IAM) with single sign-on (SSO). But a password manager is a good first step.

3. Require that default credentials be changed on all software and hardware products.

Many hardware and software products come “out of the box” with default usernames and passwords that are easily exploited. These default passwords may be physically labeled on the device or even readily available on the internet. Require that staff change all default credentials.

Other Ways to Protect Your Business

Online criminals are always looking for easy targets. Businesses that don’t take basic precautions are at risk. Take the following steps to make it harder for malicious actors to access your data or trick an employee into allowing access to your systems.

decorative image of business owner

Secure Your Business

Protect your business, your employees and your customers with easy and effective safety habits and policies.

decorative figure: coworkers looking at a computer

Teach Employees to Avoid Phishing

Harmful links or attachments could provide unauthorized access to information or infect your network with malicious code. This can result in data being held for ransom.

decorative figure: woman at work

Require Multifactor Authentication

Using more than a password to access an account—such as a texted code, authenticator app, fingerprint or access card—makes an account safer than a password alone!

decorative figure: cashier at the store

Update Business Software

Flaws give criminals an opening. Programmers publish patches, but you must install them to get their protection. Smaller businesses are often running outdated software because they don’t have full-time IT staff keeping up.

Related Content

Secure Our World Cybersecurity Awareness Month 2023

October is Cybersecurity Awareness Month

Learn how to get involved and become a Cybersecurity Awareness Month partner!

woman working on her computer

Weak Security Controls and Practices Routinely Exploited for Initial Access

Share this with your IT provider/staff and encourage best practices to protect your systems.

decorative photo: individual working

Choosing and Protecting Passwords

By choosing good passwords and keeping them confidential, you can make it more difficult for an unauthorized person to access your information.

Social More than a Password Instagram Graphic

More than a Password

Multifactor authentication can make you, and your business, much safer than a password alone. Learn how!

SOW Small and Medium Businesses

Small and Medium Businesses

Ready for more?

CISA offers free information and tools to help small businesses protect their people, customers, intellectual property and other sensitive data.

More Information for Small and Medium Businesses

Return to Secure Our World