Still Using Weak Passwords? Do This Instead.

According to IBM’s Cost of a Data Breach Report 2025, attackers are logging in rather than hacking in. Passwords are the first line of defense between a criminal and sensitive information, and weak or reused passwords remain the most common way criminals gain unauthorized access to accounts. 

Unfortunately, many individuals still choose passwords that include personal details or are reused across multiple platforms. This practice leaves employees and organizations vulnerable to data breaches, identity theft, and even system hijacking. For public entities that maintain hundreds of thousands of records containing personally identifiable information, the risks are exceptionally high. Creating strong, unique passwords is one of the most effective ways to defend against cyberattacks. While threat actors use sophisticated tools to ‘crack’ passwords, choosing complex, secure passwords and protecting them appropriately can significantly reduce the risk of identity theft, financial fraud, and unauthorized access to your entity’s data.

By following best practices for creating secure passwords and utilizing a password manager, public entities can more effectively safeguard sensitive records and mitigate cybersecurity risks.

Creating strong passwords and securing them with a password manager

  1. Make Passwords Long: Consider using the longest password permissible whenever possible (at least 16 characters) 
  2. Create Random Passwords: Consider choosing passwords that combine letters, numbers, and symbols to reduce the risk of hacking. Consider trying different variations of a passphrase, but avoid common phrases, famous quotations, and song lyrics. For example: T9v#R2q!L8m@X4pZ
  3. Make Passwords Unique: Consider using phonetic replacements, such as “ph” instead of “F.” Use an exclamation point (!) to replace the letters (I) or (L), or make deliberate misspellings, such as “enjin” instead of “engine.” 
  4. Use a Password Manager: Strong passwords can be challenging to remember. Consider using a password manager to securely store strong passwords, rather than saving them on your computer. 

CIRMA’s Cyber Webinar Series helps members enhance their overall cybersecurity awareness by covering a wide range of topics, including creating strong passwords, enabling multifactor authentication, recognizing phishing attempts, and safeguarding sensitive data. In addition, national organizations such as CISA and the National Cybersecurity Alliance support Cybersecurity Awareness Month with initiatives that include educational PDFs, training videos, and other resources. These materials offer practical guidance on best practices to mitigate risk and foster a stronger cybersecurity culture.

Conclusion

Training and education remain the most effective defense against cybercrimes, and knowing how to protect yourself and your organization is easier than ever. Learn at your own pace and when and where you choose with CIRMA’s e-learning resources, 24 hours a day, seven days a week.

CIRMA Risk Management offers a Cyber Webinar Series through its exclusive CIRMA member Vector Solutions platform. This robust training and education tool features cybersecurity-related online training courses and webinars proven to educate employees and reduce costly and disruptive cybercrimes, including phishing attacks. Has your municipality or school board taken advantage of the many benefits available through CIRMA’s exclusive online training and education platform? Contact your local CIRMA Risk Management representative to get started today.

Resources

Secure Our World: https://www.cisa.gov/secure-our-world

Use Strong Passwords: https://www.cisa.gov/secure-our-world/use-strong-passwords

Create Strong Passwords: https://www.staysafeonline.org/events/create-strong-passwords-(and-actually-remember-them)

National Cybersecurity Alliance: Cybersecurity Awareness Month: https://www.staysafeonline.org/cybersecurity-awareness-month

Check out CIRMA’s Cyber Center to learn how CIRMA can help your organization prevent and manage cyber exposures.

Cyber Resources Created for CIRMA Members:

Back to Blog Next Article
bench at sunset

Heat Stress and Heat Stroke

Anyone performing physical or athletic activities on hot or humid summer days is at risk for heat-related illnesses. Those likely to be in danger…

View Posts

Water You Waiting For?

Claims involving dehydration and heat exhaustion can be costly—Connecticut municipalities experienced over $150 million in related medical expense losses alone over the past five…

View Posts
weak password help

Still Using Weak Passwords? Do This Instead.

Passwords have long been firmly established as the weakest link in an organization’s cybersecurity. Here's what you can do to avoid this significant yet…

View Posts
wellness at work

Wellness at Work

The adoption of workplace social and emotional health programs skyrocketed over the past two years due to heightened visibility during the pandemic when remote…

View Posts
beat cyber social engineering attacks

Social Engineering: The Art of Human Manipulation

Social engineering cyberattacks are becoming increasingly prevalent, costing municipalities millions annually. Here's what you can you do to be cyber smart.

View Posts

Personal Protective Equipment for Public Entity Employees

Proper use of personal Protective Equipment (PPE) is crucial for accident prevention in the municipal workplace. PPE can safeguard employees from potential risks, ensure their well-being,…

View Posts

Bee Safe

Bee and wasp stings are a common summer nuisance that can turn deadly if the victim develops a severe allergic reaction (anaphylaxis). Public Health…

View Posts

Social and Emotional Awareness

Failure to cultivate a workplace culture that advocates for mental health can subject employers to legal risks, including claims of workplace violence or failure…

View Posts

Work Zone Safety Works

It's everyone's collective responsibility to ensure safety in work zones. Road workers rely on their communities to keep them safe at work. CIRMA provides…

View Posts

Preventing Tick-borne Disease Exposure

In Connecticut, occupational exposure to tick-borne diseases is a recognized hazard. Outdoor workers must protect themselves in the spring, summer, and fall when ticks…

View Posts
home work environment tips and best practices

Whitepaper: Create a Home Work Environment that Works for You

Creating a home workspace does not require extraordinary upgrades to your home or even purchasing fancy office equipment. Setting up a workspace with basic…

View Posts
wrist injury sprain strain workers comp

Preventing Sprains & Strains

Sprain and strain injuries are the most common and costly workplace injuries. Employees can injure their knee, shoulder, wrist, or back while performing everyday…

View Posts