Skip to main content
Security Education

Warning: Stop Saying “iloveyou”

By Colin Knox

I hate to break it to you, but “iloveyou” is ranked as the 10th worst password used in 2018, according to a study by Splashdata. To make things even worse, Troy Hunt's Pwned Passwords found that “iloveyou” was used 1.5 million times in exposed data breaches made publicly available. Those data collections represent only a small fraction of what is actually compromised. Imagine how many people use “iloveyou” today?

Cybersecurity remains a concern. Several big name websites such as Adobe, Tesco, Vodafone, Yahoo, and Xbox 360 have been targeted for data to be either sold, traded, or made publicly available online. In May 2017, Bell Telecommunications in Canada suffered a data breach resulting in the exposure of millions of customer records, such as email addresses, geographic locations, IP addresses, job titles, names, passwords, phone numbers, usernames, and more. It was only last year the global hacking group APT10 was targeting MSPs specifically to obtain client network data.Weak passwords are making the bad guys’ lives easier, and this at a time when we should be trying to make things harder for attackers. MSPs need to be saying enough is enough! You can do something special for yours and your customers’ cybersecurity protocols by following these four steps:

  1. Bring things together with a password and documentation management solution
    Give your technicians the rapid access they need to effectively support clients by implementing a secure password and IT documentation solution. This way, privileged access to client knowledge and information can be directly at their fingertips.
  2. Implement a multifactor authentication solution (MFA)
    Double-up on your security by implementing a secondary device push-notification, call, SMS, or biometric identity access to your accounts. This will help ensure the user is the person they say they are!
  3. Partner your accounts with strong passwords
    Automatically generate strong password strings that are different for all of your accounts. Do not reuse a previous password. It is best practice to use length rather than complexity to make your password harder to crack. Using three to four random words strung together, creating 16 characters or more, is ideal.
  4. Spend quality time maintaining your passwords
    Every account should have a different password, stored in one spot. Using a management tool will allow an audit trail for who had access to what. If anything goes astray, it is of benefit to the company to be able to track and instantly modify sensitive accounts. 

Using these four steps will help to make your security more resilient and your networks harder to hack.

Click here to find out more about how SolarWinds® Passportal can help you secure your systems.


Colin Knox is director of product strategy, SolarWinds Passportal

SolarWinds® adds Passportal suite to its MSP product portfolio. MSP security, simplified. SolarWinds® Passportal + Documentation Manager is a SOC 2 certified, RAPID 7 tested, award winning platform.

 Audited Tested Awarded-01

Grow your business faster with the world's first unified platform for true password management and secure IT documentation. More than 2,000 best-in-class MSPs around the world are leveraging our security, automation, and rapid access client knowledge to out preform the competition.Passportal-SolarWinds_1200x190

Welcome to the Passportal Blog

Into cybersecurity? Read up on current trends in IT Services and ensure you’re up to speed on best practices on how to grow your business.

Want to stay up to date?

Get the latest N-able tips, tricks, and ideas sent to your inbox each week.

Loading form....

If the form does not load in a few seconds, it is probably because your browser is using Tracking Protection. This is either an Ad Blocker plug-in or your browser is in private mode. Please allow tracking on this page to request a subscription.

Note: Firefox users may see a shield icon to the left of the URL in the address bar. Click on this to disable tracking protection for this session/site

Automated password protection with documentation management integrated with the MSP tools you already use

Manage passwords with ease