Password sharing – Just say no

How would you feel about being the suspect in a crime at your place of business? What if you didn’t even know the crime occurred, but it was somehow tracked back to you?

If you share your personal username and password with a colleague, and that person embezzles funds or steals company information, you could be considered a suspect because your name is associated with those transactions.

Furthermore, when you are the company owner, you could easily be unprotected against related losses if you knowingly gave out your information and thereby authorized access to someone who committed a crime.

Fraud is not the only risk of sharing passwords. The likelihood of errors also increases when several people use the same identification to access electronic documents.

Think of it this way: When you share your password and log-in information, you are sharing your identity. Your username and password serve as your signature, and these qualifiers are the only way the computer can identify you.

How to Protect Yourself

We recommend that you change all passwords, including those with your bank and other service providers, at least once every 90 days. Furthermore, never keep a copy of your password at your desk, stuck to your monitor, under the keyboard, or anywhere else that is not secure. Create strong passwords that are easily remembered and at least eight or more characters. The most secure passwords contain a combination of upper and lowercase letters, numbers and punctuation.

You might also consider implementing some kind of security software on all company computers to offset the possibility of the wrong information being shared or accessed. For example, some tools can report who was on a computer at any given time or forbid access to company networks during certain hours of the day.

For employees, it should be required that they establish unique log-in information as they are hired. You should further alert them of the penalties for password sharing to discourage them from unknowingly providing potential criminals access to company files. Later, you might want to prompt all employees to change their passwords on a similar schedule to your own. Simply distribute a memo requesting the change and outline smart password practices, as discussed here previously. It might also be helpful to share stories of security breaches so that they fully understand the implications of identity fraud, at work and personally.