Skip to content
Menu
Automation Applications for Law Firms and Legal Depts
  • Products
    • All Products
    • Apps for Clients
    • Budget Automation
    • Computer-Assisted Billing
    • Crowdfunding for Lawyers
    • E-Signing and Blockchain
    • Large Firm Options
    • Practice Automation
  • Features
    • Works With Many Systems
      • ActionStep
      • Clio
      • PracticePanther
      • Rocket Matter
      • Timeslips
      • More…
    • Large Firm Options
    • Data Security and Protection
    • Demo Videos
  • Law Tech Insights
  • Support
    • How-To Videos
    • User Guides
    • Contact Us
  • FREE TRIAL
  • Log In
  • Sign Up
Close Menu

Protecting Your Law Firm and Yourself: Password Security

Password Security: How to Make Secure Passwords and Use Password Managers

All around the world, news reports of data security breaches are becoming more and more common.  Law firms are a prime target for cyber-crooks.

In a recent American Bar Association study, more than 20% of firms overall reporting that they had been the subject of a data breach.

In firms with 10-49 attorneys, this figure was 35% — meaning over a third of law firms of this size had been hacked.

FREE TRIAL

View Products

More Insights

In addition, and unlike many other kinds of businesses, attorneys are ethically required to safeguard client data.

This article addresses some of things that lawyers and law firms can do to keep their data safe.  According to the recent Verizon Data Breach Investigations Report, roughly “81% of hacking-related breaches leveraged either stolen and/or weak passwords.”  Therefore, this article will focus on password security in particular.

Password Managers

Are you reusing the same password across many different sites? Reusing the same password can make remembering your passwords more manageable, although it could also put you at risk.

Cybersecurity researchers at Virginia Tech recently found that more than half of users reuse the same password across many sites without knowing how dangerous it could be. A single data breach on a vulnerable website is all an attacker would need to gain access to all your accounts, giving them access to crucial information. Information related to your firm and or your personal life.

Today there are many applications that manage your passwords for you. Apps like 1Password and Apple’s Keychain store all of your passwords on a secure server giving you the luxury of only needing one “Master Password” to access all of your accounts securely.

There are basic password managers, and there are more sophisticated versions. The basic password managers work with a single computer, encrypting the passwords onto your hard drive, while the more sophisticated versions (Keychain, 1Passsword) let you access your passwords between multiple devices.

For example, you can save your password on your iPhone, then later access that same account login on your iPad or MacBook. When you initially sign up for a password manager, remember to create a strong, yet memorable password.

Passwords should be long, complex, and unique. “Even if you have an ‘unimportant’ password and an ‘important’ password tier, it’s very unsafe,” says Joe Siegrist, VP, and GM of popular password manager LastPass.

Password Security: Law Firm Tips for Secure Passwords

Here are some tips to remember when creating a secure password:

  •   Attempt to make password 12 characters or more
  •   Keep personal information that is easy to guess out; names, dates, pets, etc.
  •   Use symbols, numbers, in addition to letters
  •   Include both uppercase and lowercase letters
  •   Do not reuse passwords

A main feature that comes with password managers is the Password Generation Tool.  Make sure to take advantage of this tool, as it will create you a strong password (for example, “VhH3# =xwQLE?atG”). Most of the password managers will allow you to pick the length, the number of characters included, and the complexity of your new password.

When creating a new account on a website or application, make sure you name the new entry after the site and add the username to your manager for easy and secure access.

Even More Protection

There are a few more methods one can take to protect their information even further. The first is known as two-factor authentication (2FA) or multi-factor authentication (MFA).

Two-factor authentication or “2FA” is an extra authentication step above and beyond a password that will give you even more security.  Multi-factor authentication uses more than just one extra authentication step.

“Factors” refer to the forms of verification needed to access your accounts.  The first “factor” is the password. The second and possibly additional forms of verification are typically codes sent your cellular phone via SMS or codes sent by email.

With most two-factor authentication systems, when logging in, you will be required to enter your password, followed by the unique code that has been sent to your phone or email address. These codes usually only last for 15 minutes before and change at every use. Even if your password is compromised in a breach, a hacker would need access to your phone or email address in order to gain access.

If an app offers two-factor or multi-factor authentication, you should strongly consider using it.

Finally, the most secure form of security would be biometric authentication. This form of protection allows you to use your unique physical characteristics to log into your accounts.

View Products

These unique personal characteristics could be fingerprints, facial recognition, and or retina scans to log in.

We already see this in newer Apple products and many business laptops.

Using multi-factor and biometric authentication makes it nearly impossible for hackers to gain access to your information without your permission.

Going Forward

It is imperative to know how to protect your information online. Remember the tips above next time you are creating or changing your passwords.

Not only can a password manager keep your accounts secure, but they also help organize and differentiate each and every account. In addition, keep in mind that enabling 2FA and or biometric authentication on your accounts could be the one thing that saves your information from being compromised.

If you think your account information has already been compromised, or if you want to make sure you are safe, keep in mind that you can use websites such as the HPI’s one or haveibeenpwned.com to see if your personal information such as email addresses and passwords are anywhere on the web.

Related Posts

password-security-4993196_1920

Privacy/Confidentiality, Tech

Effective Cybersecurity is a Law Firm’s Ethical Obligation

Why Blockchain Is the Future of E-Signing

Apps, Privacy/Confidentiality, Tech

Why Blockchain Is the Future of E-Signing

Legal Software and Automation for Law Firms
Keep your billing system.
We add the automation.

© 2021, EffortlessLegal LLC. The EffortlessLegal name and logo, as well as all application names and logos, are trademarks owned by EffortlessLegal LLC. All rights reserved.

Products

  • Free Trial
  • All Products
  • Apps For Clients
  • Budget Automation
  • Computer Assisted Billing
  • Crowdfunding for Lawyers
  • E-Signing and Blockchain
  • Practice Management

Features

  • Use Your Existing Billing System
  • Law Tech Insights
  • Data Security and Protection
  • Large Firm Solutions
  • Demo Videos

Support

  • Support Center
  • How-To Videos
  • User Guides
  • Contact Us

Disclosures

  • Terms of Service
  • Privacy Policy
  • Data Security and Protection

105 W. Madison Street
Suite 603A
Chicago, IL 60602
United States of America
+1 (800) 427-5510
info@EffortlessLegal.com