MENUMENU
  • FREE RESOURCES
        • Accounts Payable
          Finally! The trick to securing greater T&E compliance
          Benefits
          Rooting out folks who don’t belong on your health plan: A 6-point dependent audit checklist
          IT
          3 costly misconceptions about biz email compromise
          Credit and Collections
          Collecting via email: 4 must-make moves in your subject line
          Accounts Payable
          5 Tough-to-spot signs that an invoice is fake
  • PREMIUM CONTENT
        • Staff management
          120 Proven Communications Tips for Today’s CFO
        • Payroll
          Handling Nonexempt Employee Pay: Stay Compliant and Avoid DOL Audits
          Accounts Payable
          T&E Best Practices: Complete Guide to Ensure Compliance
          Payroll
          Payroll Best Practices: 4 Ways to Save Time and Money
        • Staff management
          Email Best Practices: A 6-Question Quiz
          Staff management
          Innovative Communications Strategies: An Email Case Study
          Staff management
          A 5-part Framework for Successful Workplace Communications
        • SEE MORE
          PREMIUM RESOURCES
  • CORONAVIRUS RESOURCES
  • LOGIN
  • SIGN UP FREE

CFO Daily News

MENUMENU
  • FREE RESOURCES
        • Accounts Payable
          Finally! The trick to securing greater T&E compliance
          Benefits
          Rooting out folks who don’t belong on your health plan: A 6-point dependent audit checklist
          IT
          3 costly misconceptions about biz email compromise
          Credit and Collections
          Collecting via email: 4 must-make moves in your subject line
          Accounts Payable
          5 Tough-to-spot signs that an invoice is fake
  • PREMIUM CONTENT
        • Staff management
          120 Proven Communications Tips for Today’s CFO
        • Payroll
          Handling Nonexempt Employee Pay: Stay Compliant and Avoid DOL Audits
          Accounts Payable
          T&E Best Practices: Complete Guide to Ensure Compliance
          Payroll
          Payroll Best Practices: 4 Ways to Save Time and Money
        • Staff management
          Email Best Practices: A 6-Question Quiz
          Staff management
          Innovative Communications Strategies: An Email Case Study
          Staff management
          A 5-part Framework for Successful Workplace Communications
        • SEE MORE
          PREMIUM RESOURCES
  • CORONAVIRUS RESOURCES
  • Accounts Payable
  • Credit and Collections
  • Payroll
  • Accounting
  • Benefits
  • Finance Technology
  • More
    • Employment Law
    • Strategy
    • Policy and Culture
    • Fraud
    • Payments and Transactions
    • Budgeting and Forecasting
    • Banking
    • Staff Management
    • Cost Control
    • Supply Chain
    • IT

The sloppy security habit that could be costing you big

Jennifer Azara
by Jennifer Azara
May 15, 2009
  • Finance Technology
  • Fraud
3 minute read
  • SHARE ON

Internal Control / Fraud Prevention

Of course you know 12345 isn’t the best idea for a password. But are the passwords and practices you and your staffers use just as bad?

Finance is a goldmine of sensitive information. You want to be confident that sloppy habits aren’t putting it at risk. Here’s how to sleep better.

What not to do

It’s probably easiest when talking about passwords to start with the worst practices. You want to begin by reminding all finance staffers that these are not the passwords you want guarding your company’s financial systems. Some may seem obvious — but you’d be surprised how many people do ’em anyway:

  • Passwords that are the same as your log-in name
  • Easy-to-guess personal info (spouse’s, kid’s, pet’s names)
  • Passwords based on keyboard layout. “Asdfgh” and “qwerty” are common choices because they’re a straight shot across the row on the keyboard.
  • Simply subbing the obvious choices of other characters for letters. So if your cat’s name is Scruffy, making your password “$cruffy” won’t keep anyone out.

What to do instead

Armed with a long list of what not to do, you also want to give your people a list of what they should be doing to protect your systems. The biggies:

  • Make passwords at least 8 characters — a mix of letters, numbers and symbols. Here’s why: Use a five character password of all lowercase letters, and there are 11.9 million possible passwords. Sounds solid, but it’s hackable with today’s sophisticated tools. On the other hand, if you use an eight-character password that includes upper and lowercase letters, as well as numbers and symbols, the possible number of passwords leaps to 899.2 trillion!
  • Have a nonsensical password. They can make sense to you so you can remember them, of course. But you probably don’t want a real word. Better to make a password out of a variety of things: your great grandmother’s initials, the year you got your drivers’ license, your favorite crayon name.

2 other key protections

Once your department is using the right type of passwords, you want to keep them working for you. To do that:

  1. Change it up. Everyone in your department should be changing passwords once a month. Bet if you asked for a show of hands how many people actually do that on their own, you wouldn’t see many raised hands. Why not load a monthly reminder on every finance staffer’s PC to change passwords? And be sure to tell people they can’t just flip-flop back between two passwords. Use new ones each time.
  2. Log off. No doubt your people log off when they leave work for the evening. They probably even sign out when they head to lunch. But what about something as minor as a trip to the ladies’ room? If someone strolls into your department and a screen full of Social Security numbers is on display, that person might not be able to help but sneak a peek. (And in tough times like these, people who never even would’ve considered such a move might just do it.)
Jennifer Azara
Jennifer Azara
Jennifer, a member of the CFO Daily News staff, has covered business and finance for more than 22 years. She has written for CFOs, credit and collections professionals and accounts payable practitioners and has spoken at industry conferences on sales and use tax compliance.

Keep Up To Date with the Latest Finance News

With CFO Daily News arriving in your inbox, you will never miss critical stories on accounting, benefits, payroll & employment law strategies.

Sign up for a free CFO Daily News membership and get our newsletter!
  • This field is for validation purposes and should be left unchanged.
CFO Daily News Logo
  • ABOUT CFO DAILY NEWS
  • ADVERTISE WITH US
  • WRITE FOR US
  • CONTACT
  • Accounting
  • Benefits
  • Payroll
  • Policy and Culture
  • Employment Law
  • Fraud
  • Finance Technology
  • Accounts Payable
  • Credit and Collections
  • Strategy
  • Payments and Transactions
  • Budgeting and Forecasting
  • Banking
  • Staff Management
  • Cost Control
  • Supply Chain
  • IT

CFO Daily News, part of the SuccessFuel Network, provides the latest Finance and employment law news for Finance professionals in the trenches of small-to-medium-sized businesses. Rather than simply regurgitating the day’s headlines, CFO Daily News delivers actionable insights, helping Finance execs understand what Finance trends mean to their business.

Privacy Policy Terms of Service
Copyright © 2021 SuccessFuel

WELCOME BACK!

Enter your username and password below to log in

Forget Your Username or Password?

Reset Password

Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.

Log In

preloader