3 Essential Password Security Tips to Keep Data Breaches at Bay

Heather Mueller / May 9, 2019

Looking for a strong password your employees can use to secure company data and documents? Try ssAGj$953vy7&2bi. That’s what one popular password generator recommends.

Or you could use N*@2AhR!1tJJeW8$. Several password checkers suggest this would be a difficult one to crack.

Of course, there's a reason this type of password complexity makes so many employees want to scream in frustration. Such a complicated string of numbers, symbols, and letters would be impossible to remember—especially when security experts recommend using a different one for each app, account, and online tool.

Instead, most workers continue to use (and reuse) weak passwords that are familiar, comfortable, and easy to remember:

  • Even though 91% of people understand that using the same password for multiple accounts is a security risk, 59% "mostly or always" use the same password
  • Half of enterprise employees reuse passwords for work-related accounts

That's not all. An estimated 85% of enterprises allow employees to access data from personal devices, causing even more concerns over data leakage.

Clearly, things need to change.

Many companies are rolling out single sign-on, web form protections, and other security measures. But for these initiatives to work, an organization must first address the much more pressing matter of password strength.

Thankfully, it's becoming easier than ever to help employees get comfortable with password complexity.

3 Essentials for Password Strength in the Workplace

1. Make employee education a priority.

This may sound like an obvious measure to take, but a somewhat surprising number of employees still lack the training necessary to achieve data and document security.

In a recent study, nearly half of surveyed IT specialists indicated their employees have accidentally put sensitive data at risk as many as 10 times in the past year. The vast majority of employees, however, said they've never intentionally broken company security policies—and attributed breaches to high-pressure work environments with poor training.

No wonder the biggest cybersecurity risk to US businesses is employee negligence. When workers aren't equipped with the password knowledge and tools they need, cybercriminals have an easy target.

In addition to safe device use and online practices, employees should be educated on the critical importance of password strength and company policies for managing password complexity.

2. Adjust your password requirements.

Has your company gotten into the habit of adjusting default security settings for the online tools your teams use? If not, now’s the time to start. This one step can go a long way in helping employees pick stronger passwords.

For example: When setting up Formstack, administrators can require users to select passwords that meet a predetermined length and mix of alpha and numeric characters. They can also set safeguards to prevent employees from reusing existing passwords.

This is especially important for accounts that need to meet PCI compliance standards for secure credit card transactions—a common scenario for companies that collect payments through online forms. In these instances, you’ll need to take steps to ensure your company is meeting the minimum requirements for online form security. Form password requirements for PCI compliance include:

  • A minimum password length of seven characters
  • Both alpha and numeric characters
  • Session timeouts after 15 minutes
  • Password changes every 90 days
  • Unique passwords that are different than the last four used
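
As an added illustration (not Formstack's code), here is one way a form backend could enforce the five requirements listed above, keeping password history as salted hashes rather than plaintext. The `Account` record, the function names, and the PBKDF2 work factor are assumptions made for this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Values taken from the requirement list above.
MIN_LENGTH = 7                          # minimum password length
IDLE_TIMEOUT = timedelta(minutes=15)    # session timeout
MAX_PASSWORD_AGE = timedelta(days=90)   # forced password change
HISTORY_DEPTH = 4                       # new password must differ from the last four

# Assumption: work factor kept low so the example runs quickly.
# Use a current recommended value in a real deployment.
PBKDF2_ROUNDS = 100_000


def _derive(password: str, salt: bytes) -> bytes:
    """Salted, slow hash so the history never holds plaintext passwords."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


@dataclass
class Account:
    """Hypothetical account record; the field names are illustrative."""
    history: List[Tuple[bytes, bytes]] = field(default_factory=list)  # (salt, hash), oldest first
    changed_at: Optional[datetime] = None
    last_activity: Optional[datetime] = None


def violations(account: Account, candidate: str) -> List[str]:
    """Return every rule the candidate breaks; an empty list means it is acceptable."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too_short")
    if not any(c.isalpha() for c in candidate):
        problems.append("needs_letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("needs_digit")
    # Each stored entry has its own salt, so the candidate is re-hashed per entry.
    for salt, stored in account.history[-HISTORY_DEPTH:]:
        if hmac.compare_digest(_derive(candidate, salt), stored):
            problems.append("reused")
            break
    return problems


def set_password(account: Account, candidate: str, now: datetime) -> None:
    """Store the new password if it passes every check; raise ValueError otherwise."""
    problems = violations(account, candidate)
    if problems:
        raise ValueError(", ".join(problems))
    salt = os.urandom(16)
    account.history.append((salt, _derive(candidate, salt)))
    del account.history[:-HISTORY_DEPTH]  # retain only the last four hashes
    account.changed_at = now
    account.last_activity = now


def password_expired(account: Account, now: datetime) -> bool:
    """True when no password is set or the current one is 90 days old."""
    return account.changed_at is None or now - account.changed_at >= MAX_PASSWORD_AGE


def session_expired(account: Account, now: datetime) -> bool:
    """True when the session has been idle for 15 minutes."""
    return account.last_activity is None or now - account.last_activity >= IDLE_TIMEOUT


if __name__ == "__main__":
    # Constructed sample data, for demonstration only.
    start = datetime(2019, 5, 9, 9, 0)
    acct = Account()
    for n in range(1, 6):
        set_password(acct, f"constructed-pw-{n}", start)
    print(violations(acct, "short1"))            # fails the length rule
    print(violations(acct, "constructed-pw-3"))  # still within the last four
    print(session_expired(acct, start + timedelta(minutes=20)))
```
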

3. Give them a break.

Despite your best efforts, employees WILL resist. It takes time to stop and create new passwords, and keep track of the ones you already have. This time-consuming process can be highly frustrating for the worker whose day is already overflowing with to-dos.

Even the National Institute of Standards and Technology (NIST) advises against several longstanding best practices, such as routine password changes and password complexity requirements, for this very reason.

Fact is, there's far too much friction when it comes to password security. The more you can ease this pain, the better. This is the reason so many organizations are adopting technology such as single sign-on login, which gives employees access to all apps and data after entering credentials just once, and password managers, which generate and securely store strong passwords on behalf of employees.

Whatever steps you decide to take, don’t delay: More than four dozen companies have already been impacted by security breaches since January of this year—many of them involving highly sensitive credit card information. If you want to avoid a similar fate, the strength of your employees’ passwords is essential.

Did you know? Formstack's online form builder has attained Payment Card Industry Data Security Standard (PCI DSS) compliance. This move means even greater security for your online forms and the data you collect. Learn more about this important development by clicking the link below.

See how Formstack's Payment Card Industry (PCI) compliance keeps your company and customer data secure.

Collecting payments with online forms is easy, but first, you have to choose the right payment gateway. Browse the providers in our gateway credit card processing comparison chart to find the best option for your business. Then sign up for Formstack Forms, customize your payment forms, and start collecting profits in minutes.

Online Payment Gateway Comparison Chart

NOTE: These amounts reflect the monthly subscription for the payment provider. Formstack does not charge a fee to integrate with any of our payment partners.

| FEATURES | Authorize.Net | Bambora | Chargify | First Data | PayPal | PayPal Pro | PayPal Payflow | Stripe | WePay | ProPay |
|---|---|---|---|---|---|---|---|---|---|---|
| Monthly Fees | $25 | $25 | $149+ | Contact First Data | $0 | $25 | $0-$25 | $0 | $0 | $4 |
| Transaction Fees | $2.9% + 30¢ | $2.9% + 30¢ | N/A | Contact First Data | $2.9% + 30¢ | $2.9% + 30¢ | 10¢ | $2.9% + 30¢ | $2.9% + 30¢ | $2.6% + 30¢ |
| Countries | 5 | 8 | Based on payment gateway | 50+ | 203 | 3 | 4 | 25 | USA | USA |
| Currencies | 11 | 2 | 23 | 140 | 25 | 23 | 25 | 135+ | 1 | 1 |
| Card Types | 6 | 13 | Based on payment gateway | 5 | 9 | 9 | 5 | 6 | 4 | 4 |
| Limits | None | None | Based on payment gateway | None | $10,000 | None | None | None | None | $500 per transaction |

Form Payments
Recurring Billing
Mobile Payments
PSD2 Compliant

Looking for a strong password your employees can use to secure company data and documents? Try ssAGj$953vy7&2bi. That’s what one popular password generator recommends.

Or you could use N*@2AhR!1tJJeW8$. Several password checkers suggest this would be a difficult one to crack.

Of course, there's a reason this type of password complexity makes so many employees want to scream in frustration. Such a complicated string of numbers, symbols, and letters would be impossible to remember—especially when security experts recommend using a different one for each app, account, and online tool.

Instead, most workers continue to use (and reuse) weak passwords that are familiar, comfortable, and easy to remember:

  • Even though 91% of people understand that using the same password for multiple accounts is a security risk, 59% "mostly or always" use the same password
  • Half of enterprise employees reuse passwords for work-related accounts

That's not all. An estimated 85% of enterprises allow employees to access data from personal devices, causing even more concerns over data leakage.

Clearly, things need to change.

Many companies are implementing measures like single sign-on, web form protections, and other security measures. But for these initiatives to work, an organization must first address the much more pressing matter of password strength.

Thankfully, it's becoming easier than ever to help employees get comfortable with password complexity.

3 Essentials for Password Strength in the Workplace

1. Make employee education a priority.

This may sound like an obvious measure to take, but a somewhat surprising number of employees still lack the training necessary to achieve data and document security.

In a recent study, nearly half of surveyed IT specialists indicated their employees have accidentally put sensitive data at risk as many as 10 times in the past year. The vast majority of employees, however, said they've never intentionally broken company security policies—and attributed breaches to high-pressure work environments with poor training.

No wonder the biggest cybersecurity risk to US businesses is employee negligence. When workers aren't equipped with the password knowledge and tools they need, cybercriminals have an easy target.

In addition to safe device use and online practices, employees should be educated on the critical importance of password strength and company policies for managing password complexity.

2. Adjust your password requirements.

Has your company gotten into the habit of adjusting default security settings for the online tools your teams use? If not, now’s the time to start. This one step can go a long way in helping employees pick stronger passwords.

For example: When setting up Formstack, administrators can require users to select passwords that meet a predetermined length and mix of alpha and numeric characters. They can also set safeguards to prevent employees from reusing existing passwords.

This is especially important for accounts that need to meet PCI compliance standards for secure credit card transactions—a common scenario for companies that collect payments through online forms. In these instances, you’ll need to take steps to ensure your company is meeting the minimum requirements for online form security. Form password requirements for PCI compliance include:

  • A minimum password length of seven characters
  • Both alpha and numeric characters
  • Session timeouts after 15 minutes
  • Password changes every 90 days
  • Unique passwords that are different than the last four used

3. Give them a break.

Despite your best efforts, employees WILL resist. It takes time to stop and create new passwords, and keep track of the ones you already have. This time-consuming process can be highly frustrating for the worker whose day is already overflowing with to-dos.

Even the National Institute of Standards and Technology (NIST) advises against several longstanding best practices, such as routine password changes and password complexity requirements, for this very reason.

Fact is, there's far too much friction when it comes to password security. The more you can ease this pain, the better. This is the reason so many organizations are adopting technology such as single sign-on login, which gives employees access to all apps and data after entering credentials just once, and password managers, which generate and securely store strong passwords on behalf of employees.

Whatever steps you decide to take, don’t delay: More than four dozen companies have already been impacted by security breaches since January of this year—many of them involving highly sensitive credit card information. If you want to avoid a similar fate, the strength of your employees’ passwords is essential.

Did you know? Formstack's online form builder has attained Payment Card Industry Data Security Standard (PCI DSS). This move means even greater security for your online forms and the data you collect. Learn more about this important development by clicking the link below.

See how Formstack's Payment Card Industry (PCI) compliance keeps your company and customer data secure.

Looking for a strong password your employees can use to secure company data and documents? Try ssAGj$953vy7&2bi. That’s what one popular password generator recommends.

Or you could use N*@2AhR!1tJJeW8$. Several password checkers suggest this would be a difficult one to crack.

Of course, there's a reason this type of password complexity makes so many employees want to scream in frustration. Such a complicated string of numbers, symbols, and letters would be impossible to remember—especially when security experts recommend using a different one for each app, account, and online tool.

Instead, most workers continue to use (and reuse) weak passwords that are familiar, comfortable, and easy to remember:

  • Even though 91% of people understand that using the same password for multiple accounts is a security risk, 59% "mostly or always" use the same password
  • Half of enterprise employees reuse passwords for work-related accounts

That's not all. An estimated 85% of enterprises allow employees to access data from personal devices, causing even more concerns over data leakage.

Clearly, things need to change.

Many companies are implementing measures like single sign-on, web form protections, and other security measures. But for these initiatives to work, an organization must first address the much more pressing matter of password strength.

Thankfully, it's becoming easier than ever to help employees get comfortable with password complexity.

3 Essentials for Password Strength in the Workplace

1. Make employee education a priority.

This may sound like an obvious measure to take, but a somewhat surprising number of employees still lack the training necessary to achieve data and document security.

In a recent study, nearly half of surveyed IT specialists indicated their employees have accidentally put sensitive data at risk as many as 10 times in the past year. The vast majority of employees, however, said they've never intentionally broken company security policies—and attributed breaches to high-pressure work environments with poor training.

No wonder the biggest cybersecurity risk to US businesses is employee negligence. When workers aren't equipped with the password knowledge and tools they need, cybercriminals have an easy target.

In addition to safe device use and online practices, employees should be educated on the critical importance of password strength and company policies for managing password complexity.

2. Adjust your password requirements.

Has your company gotten into the habit of adjusting default security settings for the online tools your teams use? If not, now’s the time to start. This one step can go a long way in helping employees pick stronger passwords.

For example: When setting up Formstack, administrators can require users to select passwords that meet a predetermined length and mix of alpha and numeric characters. They can also set safeguards to prevent employees from reusing existing passwords.

This is especially important for accounts that need to meet PCI compliance standards for secure credit card transactions—a common scenario for companies that collect payments through online forms. In these instances, you’ll need to take steps to ensure your company is meeting the minimum requirements for online form security. Form password requirements for PCI compliance include:

  • A minimum password length of seven characters
  • Both alpha and numeric characters
  • Session timeouts after 15 minutes
  • Password changes every 90 days
  • Unique passwords that are different than the last four used

3. Give them a break.

Despite your best efforts, employees WILL resist. It takes time to stop and create new passwords, and keep track of the ones you already have. This time-consuming process can be highly frustrating for the worker whose day is already overflowing with to-dos.

Even the National Institute of Standards and Technology (NIST) advises against several longstanding best practices, such as routine password changes and password complexity requirements, for this very reason.

Fact is, there's far too much friction when it comes to password security. The more you can ease this pain, the better. This is the reason so many organizations are adopting technology such as single sign-on login, which gives employees access to all apps and data after entering credentials just once, and password managers, which generate and securely store strong passwords on behalf of employees.

Whatever steps you decide to take, don’t delay: More than four dozen companies have already been impacted by security breaches since January of this year—many of them involving highly sensitive credit card information. If you want to avoid a similar fate, the strength of your employees’ passwords is essential.

Did you know? Formstack's online form builder has attained Payment Card Industry Data Security Standard (PCI DSS) compliance. This move means even greater security for your online forms and the data you collect. Learn more about this important development by clicking the link below.

See how Formstack's Payment Card Industry (PCI) compliance keeps your company and customer data secure.

Heather Mueller
Heather is a website copywriter and digital content strategist who loves helping brands generate leads through the power of the written word—especially when using Formstack. Connect with Heather on Twitter @heathermueller.