January 17-2020
Limited password requirements doom security for MSP users

Managed service providers (MSPs) are a smart play for individuals and businesses who know they want a space on the internet but don’t have the tools or the knowledge to build and maintain that space for them. It’s not unlike a business park renting out office space and providing management for the phones, lights, security, and so forth. It’s your space, you just don’t own it.

MSPs often promise fantastic security and all sorts of bells and whistles to gain your business, but unfortunately, that does not include smart password management for most of its customers. There rarely are any set password schemes required by an MSP, nor insistence that you change said password after a set number of days. It’s a bit like renting out a storage facility. The owner doesn’t really care what type of lock you put on the door, how many keys you make, or who you give a copy to. As long as you’re paying your rent every month, they’re happy.
But what if way too many people are using the same lock and key? That’s the fear for swirling the MSP community. Part of the issue comes from a study by Dashlane representatives and the University of Virginia Tech found that in a database of some 28 million people, more than one-half, 52 per cent, were using the same password for multiple services.

That’s the best news that the hackers of cyber criminals of the world could hear. It means that by cracking one code for one person, you can gain access to multiple accounts without having to break a sweat on any of the others.

It doesn’t help that a survey done in the UK found that the password was cracked the most time for data breaches worldwide was “123456”. Clearly there are more than a few user errors going on to have such rampant password problems across the world. Bad password habits don’t just affect the person who gets hacked, they affect that person’s business, coworkers, and pretty much anyone else who is in your address book, your instant messenger, or connects to you on social media.

Why? Because hackers don’t just want your data, they want it all. And that means using spyware to sniff around your system and see who all they can connect to. Once the malware is in your address box, it can send phishing emails and other spam to your contacts and try to similarly hook them. Even if it only ensnares one person out of one hundred, it’s worth it the hacker because that propels it forward to the next person’s contact list and the opportunity to take over even more inboxes, credentials, and data.

The best way to avoid this type of scenario is to lock up your passwords in one proficient password manager such as Dashlane. Using this software will mean only managing one master password which controls all of your official logins and passwords on various websites. When you want to log in to a site, simply enter your master password which will, in turn, open its vault, extract the master password, and give you secure access that is nearly impossible to be accessed by a cyber-criminal.