Would you be willing to share your password with 23 million other people?
According to the National Cyber Security Centre, it’s possible that you already are. The NCSC (in collaboration with Have I Been Pwnd) have released a list of the most commonly breached passwords and for some, it’ll make grim reading. You’ll find the password 123456 at the top of the list, with a reported 23 million breaches. Other common password choices such as querty, password1 and even chocolate make the list too.
Unfortunately, even if you’ve been a little more cryptic when setting your own passwords, cyber hackers are becoming ever more sophisticated and with so much of our personal information now available online, it’s vital that you know how to keep your data secure — particularly when it comes to your finances.
These 5 steps are a good place to start in keeping your business data safe online.
1. Keep your login details secure
The first step to online data security is to keep your login details secure.
That might sound obvious but you’d be surprised at how many people share their username or password with colleagues, forget to logout of a program when they’ve finished or click the ‘remember me’ option even when accessing software on a shared device.
It’s important to be mindful of such situations and take care not to leave your details where others might gain access to them.
To ensure your financial data remains secure, it’s definitely worth choosing software that allows multiple users. While some organisations charge a fee based on the number of users, Clear Books operates differently — users never need to share their username or password with others because our system is designed in such a way that each user has their own login credentials with no extra charge.
Our software also offers a feature where an authorised user is able to review an audit log of access and entries made in their Clear Books account; users can use this feature to support their own fraud prevention policies and procedures.
2. Choose a strong password — and don’t use the same password twice
Conventional wisdom tells us that a secure password should be a random mix of upper and lower case letters, numbers and symbols, but with the right technology a hacker can potentially crack your password in a couple of hours.
Instead IT experts are starting to recommend setting a passphrase. For optimum security your phrase should consist of 4 or 5 unrelated words, written in a random order — it shouldn’t make sense as a sentence. The advantage of a passphrase rather than a password is that it’s easier for you to remember than a series of letters but harder to hack.
If you’re not sure if your password or passphrase is up to scratch, take advantage of password strength checkers. Many organisations that deal with sensitive data (including Clear Books) have a password strength indicator built into their software so you can tell when you’re setting up your password whether it’s strong enough.
3. Remember to vary your password
Your pension plan, your business and car insurance, your social media accounts, HMRC…just think how many passwords you need to remember in any given day. It’s no wonder that some of us succumb to the temptation to use the same password for multiple channels.
But while that may make life easier for you, it also makes life easier for hackers. All they need to do is crack your username and password for one account and suddenly they have access to your entire online life, including your business data. To up your data security, make sure you choose a different password for each account, particularly in the case of financial data.
4. Watch out for scammers
A decade ago, scammers were far easier to spot. One look at an email from ‘your bank’ was enough to tell you that it was a fake. Unfortunately, today’s fraudsters are a lot more sophisticated and it can be tricky to tell whether an email is from a brand you know and trust, or whether it’s a fake.
Remember though that any reputable company will never ask you to disclose your password. If you ever receive any communications that appear to be from Clear Books, asking you for your username or password, please do notify us immediately via firstname.lastname@example.org and do not reply to the email.
Websites too can fall prey to scammers who set up links that take you to a replica of a reputable site. To avoid a website scam, always check the domain name of the website you’re on, especially if you’re going to be keying in a username or password or making a purchase. You’ll find Clear Books at www.clearbooks.co.uk — you can log in to all of our products from this domain. Once you’re logged in, you’ll notice the www.secure.clearbooks.co.uk URL provides a prefix you can check to be confident of your location.
5. If you think you’ve been hacked, change your password immediately.
Even the most security savvy people can fall victim to hackers. If you have any reason at all to suspect that one of your passwords have been compromised, it’s vital that you change it immediately. And, if you are still using the same login details for multiple accounts, we’d recommend setting a new password for every account that may have been affected.
If you think your Clear Books password has been compromised you can reset your password by clicking the ‘forgot password’ link on the sign in page.
If you need any help accessing your account or changing the password, or have any other questions about data security, our Support Team is available weekdays from 9am to 5pm on 0203 475 4744.