All Episodes

Improve Your Password Policy: Strategies for Stronger Security

May 12, 2025 7 mins
Passwords remain a cornerstone of cybersecurity; however, weak practices continue to put businesses at risk. In this episode, we discuss real-life breaches, strategies for creating and managing robust passwords, and the importance of multifactor authentication. Discover the password best practices you need to update your password policy and protect your company from password-related vulnerabilities.
Mark as Played
Transcript

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Alright, welcome back to Visionary IT,

(00:02):
everyone.
Today, we're diving into a topic that,
honestly, feels more critical thanever-password security.
I mean, it's the backbone of everycybersecurity strategy,
but what's surprising is how manybusinesses still get it wrong.
Yeah,
and let's face it, passwords are kindaone of those things that most
folks don't think twice about-untilsomething goes wrong.

(00:25):
But with breaches up, what, sixty percent?
You really shouldn't be overlooking them.
You know,
there's this false sense of securityReid-like,
people think a password as simple asPassword-1-2-3 is gonna cut it.
But it doesn't.
So today,we'll talk about what actually works,
and how you can implement betterstrategies without making everyone's

(00:46):
life harder.
Right, because let's be real-not everybusiness has time for
an overhaul of its entire cybersecurityprocess.
So, we'll keep it practical, useful,
and hopefully a little fun, too.
That's a great point,
Reid.
And speaking of practical issues,
let's get real here-weak passwords arestill one of the biggest security

(01:07):
risks out there.
Just last year, over 80% ofhacking-related breaches were due to
compromised
passwords.
Those numbers are staggering,and they show how much work we still have
to do.
Yeah, and you'd think by now people would,
I dunno, take it more seriously.
But it's like we're stuck in this loop.
I mean,we all remember the LinkedIn data breach,

(01:28):
right?
That one got ugly fast.
Oh, absolutely.
They reportedly lost over 167 millioncredentials in that breach.
And guess what?
Most of the stolen passwords wereembarrassingly simple-like "1-2-3-4-5-6."
It's no wonder hackers had field dayswith that kind of access.
And what's

(01:49):
worse is this habit of reusing them.
Like,if "1-2-3-4-5-6" is your email password,
it probably doubles as your social medialogin,
maybe your bank account too.
It's like putting all your eggs in one,
really poorly protected basket.
Exactly.
That password reuse is a killer.

(02:10):
Even small businesses-who may thinkthey're flying under the radar-are
prime targets.
Hackers know there's a good chance thosereused passwords will unlock
way more than just one system.
And-oh,
this one's my favorite-remember thosestatistics about employees sharing
passwords via email?
Like, "Here's the password to the payrollsystem." It's insanely risky

(02:34):
behavior, but without training,
people just don't see the problem.
Right,
and that's why businesses really need totake the lead here.
Educate your teams,set clear password policies,
and, honestly, enforce them.
Because these attacks don'tdiscriminate-they'll hit anyone who leaves
the door open.
Gar, you're absolutely right aboutbusinesses needing to

(02:55):
step up.
But here's the thing-how do we actuallyget people to start making smarter
passwords?
We've gotta rethink what a password evenis.
Forget single words or strings of randomletters.
Instead, go for long,phrase-based passwords.
Take a sentence you'll remember and throwin some creative substitutions.
For example,you could use the password "Honey,

(03:18):
I shrunk the kids," but replace letterslike "o" with zeros and "s" with
the dollar sign.
It's memorable, it's complex,and hackers hate it.
Okay,
wait-so you're saying I should turn mychildhood movie quotes into a
sort of digital armor?
Kinda love that.
Exactly.
And while we're at it,let's ditch sticky notes and spreadsheets.

(03:39):
Instead, use a password manager.
These tools create long, random passwordsfor you and store them securely.
It's like outsourcing the hard part soyou can focus on...
well, running your business.
Yeah,
and honestly, they're a lifesaver.
I've worked with companies that wereliterally keeping passwords on Post-its
near their desks.

(04:00):
Like, the digital equivalent of leavingyour keys in the door.
Scary but
true.
And here's where it gets real-weakpasswords can absolutely cripple a
business.
I worked with a company a while back thatgot hit with ransomware because
one employee used a weak password on anadmin account.
Hackers got in, locked everything down,
and demanded thousands just to giveaccess back.

(04:22):
All because of one lousy password.
Ouch.
And you know what?
That's not even rare.
I mean, it's a harsh reminder,
but no one thinks it'll happen to themuntil it does.
Right.
That's why these strategies arenecessities if you wanna stay ahead of
the bad guys.
Absolutely, Gar.
Knowing the importance of strongpasswords is one thing,
but putting those strategies into actionis where the real work begins.

(04:46):
Let's focus on execution-start withcritical passwords like those guarding
financial systems, client data,
or admin accounts.
Rotate or update those every three months,
minimum.
Right.
And I get it, it sounds like overkill.
I mean, changing passwords that oftenfeels like a drag.
But think of it as...
maintenance on a car.

(05:07):
Ignore it too long,and the problems pile up.
Exactly.
And this is where multifactorauthentication comes in.
It's one of the simplest ways to add anextra layer of security.
Even if someone cracks a password,
they'd still need, say,your phone or fingerprint to get in.
You're basically
turning cybersecurity into a teamsport-hackers might score,

(05:30):
but MFA's like having a goalie.
It's got your back.
That's a great analogy.
And honestly, it's not just about what todo-it's also about avoiding
mistakes.
Writing passwords on sticky notes orsaving them in your browser?
Huge no-no.
I've seen too many breaches that startedbecause someone thought,
"Oh, it's just easier this way."Yeah,
or my personal favorite-passwords like"CompanyName2023." Super creative,

(05:54):
right?
All it takes is one guess, and boom,
you're exposed.
No kidding.
It's about building a culture of security,
too.
Train your employees.
Make security part of their day-to-daythought process,
not just some compliance box to check off.
Because honestly, your weakest link oftenisn't the tech-it's people.
Yeah,
people can be the problem,but they're also the solution.

(06:17):
Give them the right tools, and suddenly,
cybersecurity doesn't seem sooverwhelming.
And that's the key-keep it
simple, actionable, and enforce it.
Strong policies save time, money,
and headaches later.
Alright, Reid,
I think we've covered just abouteverything.
I mean, from creating solid passwords toactually building systems that
work, there's a lot businesses can do-andneed to do-today.
Absolutely.

(06:40):
And at the end of the day, it's reallyabout keeping the door locked-not
just with a password,but with a whole set of best practices.
If you take the small steps,you can avoid the big disasters.
Well,
on that note, folks,don't leave your keys in the door!
Thanks for tuning in,and remember-security starts with you.
Until next

(07:01):
time, stay visionary, stay secure.
Advertise With Us

Popular Podcasts

On Purpose with Jay Shetty

On Purpose with Jay Shetty

I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!

Crime Junkie

Crime Junkie

Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.

Ridiculous History

Ridiculous History

History is beautiful, brutal and, often, ridiculous. Join Ben Bowlin and Noel Brown as they dive into some of the weirdest stories from across the span of human civilization in Ridiculous History, a podcast by iHeartRadio.

Music, radio and podcasts, all free. Listen online or download the iHeart App.

Connect

Explore

iHeart

Live Radio

Podcasts

Artist Radio

Exclusives

News

Features

Events

Contests

Photos

Information

About

Advertise

Blog

Brand Guidelines

Contest Guidelines

Subscription Offers

Jobs

Get the App

Automotive

Home

Mobile

Wearables

© 2025 iHeartMedia, Inc.