Why You Should Use Longer Passphrases & MFA
Cybersecurity threats continue to rise. The Australian Cyber Security Centre (ACSC) Cyber Threat Report 2024-25 highlights that weak or stolen passwords remain one of the most common entry points for attackers. Whether you are managing your accounts, using cloud software, or running day-to-day business systems, short and simple passwords offer very little protection against modern cyber-attacks.
How Quickly Can a Password Be Cracked?
Cybercriminals often use brute force and dictionary attacks to guess passwords. A brute force attack systematically tries every possible combination of letters, numbers, and symbols until it finds the correct one. Advances in computing power have made these attacks incredibly fast. Here’s how quickly modern hacking tools can break passwords, based on the latest Hive Systems 2025 Password Table:
| Password Length |
Complexity
(Lowercase Letters Only) |
Complexity
(Mixed Case, Numbers, and Symbols) |
| 4 characters |
Instantly |
Instantly |
| 6 characters |
Instantly |
Instantly |
| 8 characters |
Less than 8 seconds |
8 hours |
| 10 characters |
4 minutes |
3 weeks |
| 12 characters |
2 hours |
300 years |
| 16 characters |
1 month |
25 trillion years |
These statistics highlight a simple fact: short passwords are not secure. If you use passwords shorter than 12 characters, your sensitive data could be at serious risk.
Why Should You Use Longer Passphrases?
A passphrase is a longer, more complex password that consists of multiple words strung together, making it both stronger and easier to remember. For example, instead of using “Passw0rd!”, which can be cracked in seconds. Try combining unrelated words with a symbol, e.g., “BluePiano$TigerMountain.”
Here are some benefits of using passphrases:
- Increased Security – 16+ characters make brute force attacks nearly impossible.
- Easy to Remember – A sentence-like phrase is simpler to recall than a random mix of characters.
- Lower Risk of Reuse – Employees tend to reuse short passwords across multiple accounts, which makes them vulnerable if one account is compromised.
Benefits of Using a Password Manager
Managing multiple passwords is one of the biggest challenges for businesses. Employees often struggle to remember complex credentials, leading to bad habits such as writing them down or reusing the same password across accounts. A password manager solves this problem.
While password managers significantly improve security, they are not perfect. Like any risk mitigation strategy, businesses must weigh the risks against the benefits. Strong passwords are essential, but they are only one piece of a broader cybersecurity strategy, and this is where partnering with a technology solutions and security provider (TSSP) becomes valuable.
Combining a Strong Passphrase with Multi-Factor Authentication (MFA)
Relying on a password alone, even a strong one, is no longer considered enough to protect sensitive data. Hackers have powerful tools that can quickly guess passwords, and stolen passwords are common in data breaches. That’s why a long, unique passphrase is a great first step, but it shouldn’t be your only defence. Adding multi-factor authentication (MFA) makes your accounts much harder to break.
This extra layer means even if someone steals your passphrase, they still can’t get in easily, significantly reducing your risk. By combining a strong passphrase with MFA, businesses can protect against common attacks such as phishing and password-guessing. It’s one of the simplest and most effective ways to keep your business safe.
Working with a Technology Services and Security Provider (TSSP)
Cybersecurity can feel overwhelming, especially for busy practice owners, clinic managers, and small business owners, including sole traders, who are focused on delivering services, not managing IT systems. Navigating the complexities of commercial level cyber security can be overwhelming. A technology services and solutions provider offers the expertise needed to assist business owners in managing their cybersecurity needs effectively.
By partnering with a technology services and security provider, businesses can leverage advanced security measures without an in-house team. This ensures that the business’s digital assets are well-protected and compliant, allowing the business to focus on what’s important.
That’s where a Technology Solutions and Services Provider (TSSP) comes in. A TSSP provides expert guidance, tools, and ongoing support to help businesses implement and maintain robust cybersecurity measures, including the Essential Eight strategies recommended by the Australian Cyber Security Centre.
How Harvey Norman Technology for Business Helps
Harvey Norman Technology for Business specialises in complete IT solutions that enhance cyber security, protect critical data, and maximise the efficiency of your IT systems, specifically designed for all businesses, including sole traders.
- Simplified IT: Enterprise-grade solutions, secure networks, and expert technology services made easy and stress-free.
- Proactive Protection: 24/7 monitoring, real-time threat detection, compliance-ready security, and preventative system maintenance.
- Cyber security: Secure backups, recovery management, advanced threat protection, and rapid incident response.
- Local Expertise, Nationwide Support: Access to a world-class help desk, backed by personalised service and the support of a trusted national brand.
HNTB understands the challenges of staying ahead of evolving cyber threats, complying with regulations, and maintaining optimal IT performance. Their goal is to assist businesses in safeguarding sensitive business data, minimising risk, enhancing system efficiency, and staying protected.
Here’s how they can support business:
- Advanced cyber security solutions to protect against emerging threats.
- Insights on Australian laws and regulations.
- Proven strategies to secure sensitive financial and customer information.
- Best practices for security, compliance, and risk management.
- Proactive management of your IT system environment, reducing risk and ensuring optimal performance.
- Help desk support for all IT-related issues.
- 24/7 monitoring by an expert security team.
Harvey Norman Technology for Business is a trusted ICB partner, empowering business owners with cybersecurity and technology solutions to keep their business safe, secure, and ready for growth.
Conclusion
Cyber threats aren’t just a concern for large businesses. Whether you have 0 employees or over 300, hackers know smaller businesses often have weaker security measures, making them prime targets. According to the ASD Cyber Threat Report 2024-25, cybercrime reports have increased 23%, and the average cost of an incident for small businesses is now over $56,000. That’s a cost most businesses cannot afford.
Implementing simple steps, such as using strong passphrases and a password manager, can drastically reduce your risk. Add Multi-Factor Authentication (MFA), and you have built a powerful defence against common attacks like phishing and credential theft. Protect your business with Harvey Norman Technology for Business. We make enterprise-grade cybersecurity simple, affordable, and designed for small to medium-sized businesses and sole traders.
[Read Full Article]
