Cyberattacks are on the rise (Mclean, 2023) regardless of industry (Check Point Research, 2025), with weak/stolen passwords being one of the leading causes of data breaches (Coggins, 2019).

Thankfully, you aren’t alone, and there are plenty of ways to protect your members, data, and staff with a few practical password management strategies. Let’s dive in!

Our Top Tips for Secure Password Management

1. Use a Password Manager

Storing passwords in spreadsheets or sticky notes is a thing of the past.

Instead, look to password manager programs (like KeePass or 1Password), which generate and store strong, unique passwords for every account. This way, you can keep your passwords safe and accessible (but only to you!).

If your organization isn’t already using one, now’s the time to start!

2. Create Strong, Unique Passwords

A strong password should be at least 12 characters and include a mix of upper- and lower-case letters, numbers, and symbols.

Be sure to avoid:

• Dictionary words
• Personal details
• Common patterns

Even worse, the most common passwords are still “123456”, “111111”, “qwerty”, “admin”, and “password” (Gunnar, 2023)! Under no circumstances should you use passwords like these, whether you’re at work or at home.

Now, if you’re having trouble coming up with a good, unique password, that’s understandable. Thankfully, many password managers (see above) have already considered this and have the ability to generate new, secure passwords for you.

3. DO NOT Reuse Passwords Across Platforms

In a study of breached passwords, of the 19 billion cases examined, 94% of the stolen passwords had been recycled across various platforms (Perez, 2025). Yikes!

If a site becomes compromised, any reused passwords will put all accounts at risk. Every system you access—especially those that handle member data or continuing education (CE) records—requires its own unique password.

4. Enable Multi-Factor Authentication (MFA)/Two-Factor Authentication (2FA)

Wherever possible, turn on MFA/2FA. This setup adds a second step to logging in (such as a texted/emailed code or specialized authentication app), which can help you block most attacks—even if your password is stolen.

Google Authenticator is a nice, easy option that you can find on the Google Play Store or iPhone App Store.

5. Stay Alert to Phishing

No matter how strong your password is, it’ll still be vulnerable if you enter it into a fake site. Always double-check URLs, and never click links in suspicious emails.

And, because phishing emails are becoming more convincing, it’s best to create a specific password-sharing process for when you need to distribute passwords amongst staff.

Ensure passwords are never sent through email or regular chat; instead, look into safe password sharing tools like 1Password’s “Password Share” feature or OneTimeSecret, which creates a one-time link that self-destructs after opening.

6. Regularly Update Passwords

Set reminders to update passwords for critical systems every 6 to 12 months. However, if you suspect a breach, update your passwords immediately—don’t hesitate!

It’s always better to be safe than sorry, and a little inconvenience is a small price to pay for keeping your organization secure.

Bonus Resources

If this article has made you feel increasingly nervous, firstly—sorry!

Secondly, there are plenty of resources out there to double-check your security and maintain your peace of mind.

You can try:

• Testing the strength of your passwords with How Secure Is My Password?
• Checking for data breaches with Have I Been Pwned?

Stay cybersafe, everyone!

References

Check Point Research. (2025, April 16). Q1 2025 Global Cyber Attack Report from Check Point Software: An Almost 50% Surge in Cyber Threats Worldwi … Check Point Blog; Check Point Software. https://blog.checkpoint.com/research/q1-2025-global-cyber-attack-report-from-check-point-software-an-almost-50-surge-in-cyber-threats-worldwide-with-a-rise-of-126-in-ransomware-attacks/

Coggins, J. (2019, November 18). Six Common Causes of Data Breaches. Lepide Blog: A Guide to IT Security, Compliance and IT Operations. https://www.lepide.com/blog/six-common-causes-of-data-breaches/

Mclean, M. (2023, August 9). 2021 Must-Know Cyber Attack Statistics and Trends – Embroker. Embroker. https://www.embroker.com/blog/cyber-attack-statistics/

The post Your First Line of Defence: Tips for Smarter, Safer Passwords appeared first on Online Learning Solutions | Association Management System | Vocalmeet.

Tip: Safety First

You want your association’s data to be accessible, but not too accessible–at least, not to the wrong people! Keep your files secure by looking into your online security. You want your members to know their data is safe in your hands, and that they can trust your association’s cyber savvy.

Educate

First, educate: yourself, your staff, and your members. You can’t spot a problem you don’t know exists, so make sure to offer resources on how to spot scams, fraud, phishing, and other heinous tricks.

Teach everyone about password control: users should change their passwords regularly, employ two-factor authentication, consider using secure password managers, and lock their computers when away from the keyboard. Additionally, make sure to use only secure wifi connections; if there’s no lock symbol, it shouldn’t be trusted. By pairing all of this with regular network testing, your users should be able to stay safe–and your data will stay where it belongs!

Assess

You want to keep your association’s various functions safe (and trustworthy!), so look into having online security audits performed on your system. Set up yearly on-site data security assessments and encrypt your information. Use VPNs whenever possible as an additional precaution.

You should also inform your staff of any risks, and set up protocol on what to do should someone make a mistake. It’s better to know there’s a problem and respond than to rugsweep and pretend it never happened!

Protect

One way to increase the security of your online environment and simplify password management for your members is to standardize authentication across all your online solutions. This is made possible using single sign-on (SSO) cloud technology. Single sign-on (SSO) is a user authentication process that allows for access to multiple online applications with one set of credentials.

In addition to greatly enhancing the online experience of your members (they login only once to access multiple services!), SSO reduces password fatigue and facilitates the adoption of stronger password policies. Just make sure that prior to implementation, you consider what SSO protocols are supported by your preferred software solutions and confirm that they can connect.

You may also like: Post-Purchase Service: Why It’s Crucial When Picking an LMS Vendor

Conclusion

When doing anything online, you want to make sure you’re practicing good digital hygiene. Inform your bar association of the dangers associated with the web, audit your tech, and remind members to safeguard their credentials. They say the best defense is a good offense, but the reverse is often also true!

Next time, we’ll be concluding our Vocalmeet/Lexum article series with one of the best support (and engagement!) tools of all: social media.

The post Technology Tips and Tools to Help Bar Associations Build Trust and Support Members – Part 4 appeared first on Online Learning Solutions | Association Management System | Vocalmeet.