A number of organisations employ passwords in order to verify the identity of an authorised individual be it on alarm on alarm systems, cash registers or on computer terminals. Even though there are a number of sophisticated systems existing today for the purpose of authentication and verification such as biometric scans, fingerprinting and smartcards, the use of passwords still remains popular because of their ease of use and simple deployment. However, passwords can also be easily misused. With the help of automated tools available at hand, hackers can easily crack or just guess simple passwords in a matter of seconds. At the same time, due to various phishing methods, employees inadvertently expose passwords that can be used to crack into their accounts.
Based on a study conducted at the Michigan State University, it was revealed that over 80% of document thefts and content breaches were conducted by people within the organisation or by people who posed as trusted employees in the company.
Securing PDF documents with Strong Passwords
Securing data files and classified information within an organisation is of profound importance to management, and the best way one can initiate the first level of security is to set up passwords for their respective files. Unfortunately, passwords for PDF documents containing sensitive information are not effective for the following reasons:
- Copyrighted data or classified information in PDF documents are sometimes left without any password security because of lack of knowledge, thus allowing any third party to access the information easily.
- Weak passwords or passwords that have remained unchanged for a long period of time.
- Making the password available to all or keeping stored passwords in plain sight.
Using Strong Passwords to protect PDF files
Educating employees about the significance of using strong passwords to protect PDF documents or data files is a fundamental step in ensuring that passwords are the first line of defence for document security. It is imperative that employees are made to regard their passwords in the same manner they would protect their personal information or physical keys. In addition, it is also important that employees avoid creating weak or easy to crack passwords that have the following features:
- Actual name of the user, surname or organisational name.
- An easy to guess dictionary word; using dictionary words are the most easiest to hack as there are specific programs that target common words located in a dictionary to attack the system. These programs are referred to as ‘dictionary attacks.’
- Words such as ‘password’, ‘123456’, ‘ABC’, ‘XYZ’ etc. are extremely common and easy to guess.
- Some letter substitutions, such as using ‘!’ Instead of ‘I’ or ‘$’ in place of ‘S’ can also be easily guessed.
- Passwords that have been written on a piece of paper and irresponsibly maintained.
- Common passwords for a number of people.
- Failing to use passwords at all, making it easy for anybody to gain access to the information in the PDF file.
Some common tricks that can help make passwords stronger as well as memorable, include:
- Making use of entire pass phrases as passwords.
- Using only the first alphabet of every word of a popular pass phrase or a quote, such as NitMoI! (Necessity is the mother of invention!)
- Stringing together simple and short words and tying them with symbols or figures, for instance ‘Sea+7+blue’
When more and more companies progressively become involved in a collaborative economy, it becomes even more crucial to share PDF documents that are common to various authorised parties. PDF documents and files are being shared faster and wider than ever before due to growing corporate ecosystems and exponentially virtualized business systems covering more collaborators, commercial enterprises, and collaborative ventures. Hence it is important to ensure that the protection of data files is secured through several layers of security and password protecting PDF files is a good place to start.
Image credit: pixabay.com