Password encryption is essential to store user credentials stored in a database securely. Without password encryption, anyone accessing a user database on a company's servers (including hackers) could easily view any stored passwords.
Even a strong 32-character password created using a <a href="https://teampassword.com/password-generator">secure password generator</a> is useless without password-encryption! If someone can read your password on a server, they can use it simply by copy/pasting it&mdash;no matter how long or complicated the password might be!
Encryption scrambles your password before saving it on the server. So, if someone hacks the server, instead of finding password123, they find a random series of letters and numbers.
In this article, we're going to explore the world of password encryption, why <a href="https://teampassword.com/blog/tips-and-tricks-to-create-a-strong-password">strong passwords matter</a>, and how you can practice better password management!
&rlm;&rlm;&lrm; &lrm;
<a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> is the password management solution for small businesses! Create, store, and share login credentials safely with employees, contractors, and clients. <a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day free trial</a> today!
&rlm;&rlm;&lrm; &lrm;
<h2>Understanding Password Encryption</h2>
To explain password encryption effectively, we must first grasp the language. Several terms might be unfamiliar, so here is a quick intro to password encryption terminology.
<ul>
<li style="font-weight: 400;" aria-level="1">Key: Used to lock and unlock passwords using a random string of bits. You get private and public keys that crypt and decrypt data differently, but we won't get too deep in the weeds with keys!</li>
<li style="font-weight: 400;" aria-level="1">Bits: A logical state with one of two possible values, including 1/0, true/false, yes/no, or on/off as typical examples.</li>
<li style="font-weight: 400;" aria-level="1">Block (block cipher): A deterministic algorithm operating on fixed-length groups of bits, called blocks.</li>
<li style="font-weight: 400;" aria-level="1">Hash function: The algorithm that uses the key to create password encryption and decryption. A hash function is essentially a piece of code that runs every time someone saves a password or logs into an application.&nbsp;</li>
<li style="font-weight: 400;" aria-level="1">Hash: A random series of numbers and letters representing your password. The hash function uses your hash instead of the raw password for authentication.</li>
<li style="font-weight: 400;" aria-level="1">Salt: Additional letters and numbers appended to the hash</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
<h2>How Does Password Encryption Work?</h2>
When you save a new password, a hash function creates a hash version and saves that on the server.&nbsp;
Every time you log in using your password, the hash function recreates the hash to see if it matches what's stored. If the hashes match, the algorithm passes the authentication and logs you in.&nbsp;
For example:
<ul>
<li style="font-weight: 400;" aria-level="1">Original password: Pa$$w0rd123</li>
<li style="font-weight: 400;" aria-level="1">Hashed password: 6AF1CE202340FE71BDB914AD5357E33A6982A63B</li>
</ul>
While this might seem secure, simple hashed passwords aren't hack-proof.
The hash function only creates a unique hash for each password, not each user. So, if multiple users have the password, Pa$$w0rd123, the hash will be exactly the same.
To overcome this encryption vulnerability, engineers salt passwords so each hash is unique, even if the passwords are identical.
<h3>How Salt Works</h3>
A salt appends a unique value of 8 bytes (16 characters) to the password before the hash function creates a hash. This way, even identical passwords are unique before the hash function.
For example:
<ul>
<li style="font-weight: 400;" aria-level="1">Two identical passwords: Pa$$w0rd123</li>
<li style="font-weight: 400;" aria-level="1">Salt value one: E1F53135E559C253</li>
<li style="font-weight: 400;" aria-level="1">Salt value two: 84B03D034B409D4E</li>
<li style="font-weight: 400;" aria-level="1">Password one before hash: Pa$$w0rd123E1F53135E559C253</li>
<li style="font-weight: 400;" aria-level="1">Password two before hash: Pa$$w0rd12384B03D034B409D4E</li>
<li style="font-weight: 400;" aria-level="1">Password one hashed value (SHA256): 72AE25495A7981C40622D49F9A52E4F1565C90F048F59027BD9C8C8900D5C3D8</li>
<li style="font-weight: 400;" aria-level="1">Password two hashed value (SHA256): B4B6603ABC670967E99C7E7F1389E40CD16E78AD38EB1468EC2AA1E62B8BED3A</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
<h2>5 Common Password Encryption Methods</h2>
<h3>1. Data Encryption Standard (DES)</h3>
While applications no longer use Data Encryption Standard (DES), it's important to mention this password encryption method because of its history and influence on more secure modern standards.
IBM developed DES as a 56-bit encryption technology in the early 1970s. The NSA adopted and improved DES before it was approved worldwide as the encryption standard.
However, since the late 70s, hackers have been able to break DES encrypted passwords. In 1999, ethical hackers managed to break a DES key in under 24 hours.&nbsp;
To make DES more secure, engineers created Triple DES and later Advanced Encryption Standard (AES), which we still use today.
<h3>2. Triple DES</h3>
Triple DES uses three 56-bit keys (blocks) to create 168-bit encryption (some security experts argue that Triple DES is only 112 bits strong). Although Triple-DES is slowly being phased out, many financial institutions still use it to encrypt ATM PINs.
<h3>3. Advanced Encryption Standard (AES)</h3>
AES is the new encryption standard&mdash;trusted by the United States Government and many other prominent organizations globally. At 128 bits, AES is sufficiently secure, but most organizations prefer heavy-duty 256-bit encryption.
At <a href="https://teampassword.com/security">TeamPassword</a>, we use 256-bit encryption to store passwords, ensuring the highest levels of security for our clients. We're also a <a href="https://teampassword.com/security">secure hosting provider</a> holding multiple security accreditations.
Hackers can only break an AES encrypted password through a brute-force attack&mdash;trying password combinations to find the right one.
To counter brute-force attacks, applications will lock an account after a certain number of attempts or use tools like Google's reCAPTURE.
<h3>4. Blowfish</h3>
American cryptographer, Bruce Schneier, designed Blowfish in 1993 as an antidote to the weak DES encryption. Blowfish uses a 64-bit block and variable key length of 32 to 448 bits.
Although Blowfish is more robust than its DES predecessor, the 64-bit block is still vulnerable to attacks, most commonly birthday attacks&mdash;a cryptographic attack that exploits the mathematics behind the algorithm.
To solve Blowfish vulnerabilities, engineers created Twofish in 1998 (128-bit blocks with 256-bit keys) and Threefish in 2008 (256, 516, 1024-bit blocks with 256, 516, 1024-bit keys).
<h3>5. Rivest-Shamir-Adleman (RSA)</h3>
RSA is one of the oldest and widely used to transfer data securely. The encryption works with two keys, two large prime numbers, and an additional auxiliary value.
Due to the complicated encrypting and decrypting process, there is no known method for breaking RSA encryption.&nbsp;
Although widely used for transferring data, RSA is slow and not suitable for password encryption.
&rlm;&rlm;&lrm; &lrm;
<h2>Why Strong Passwords Matter</h2>
Password encryption can only prevent criminals from viewing saved credentials stored on a server&mdash;but cannot prevent hackers from guessing weak/commonly used passwords. If you <a href="https://teampassword.com/blog/colonial-pipeline-ransomware-attack-dont-reuse-passwords">reuse the same password for multiple accounts</a>, this also puts you at risk!
Encryption is most effective when users create robust, unique passwords for every account. For example, a random 32-character password with letters, numbers, and special characters hashed and salted is near impossible to guess or decode, even using a computer!
In another scenario, let's assume you have a strong 32-character password, but you use it for every account. If hackers manage to steal that password, they have access to every account using the same credentials! Your strong password is effectively useless.
<h3>Improving Your Password Management</h3>
Now that you understand password encryption and the associated vulnerabilities, you can see why strong passwords are essential.
Effective password management is crucial to protect yourself against cyberattacks or in the highly likely event of a data breach where hackers steal your credentials.
Criminals are after the low-hanging fruit&mdash;people who use weak passwords!
5 tips for creating stronger passwords:
<ol>
<li style="font-weight: 400;" aria-level="1">Create strong passwords for every account. The easiest way to do this is using a password generator. <a href="https://teampassword.com/password-generator">TeamPassword has a free password generator</a> anyone can use to create passwords from 12-32 characters using uppercase, lowercase, numbers, and special characters. We recommend creating passwords as long as the application will allow.</li>
<li style="font-weight: 400;" aria-level="1">Never create passwords shorter than eight characters, with 12 being our recommended minimum.&nbsp;</li>
<li style="font-weight: 400;" aria-level="1">Never reuse the same password for multiple accounts.</li>
<li style="font-weight: 400;" aria-level="1">Never create passwords with your name, family member's names, or pet's names. With social media, this information is freely available. Criminals can add those names to algorithms for brute-force attacks.</li>
<li style="font-weight: 400;" aria-level="1">Don't store passwords in digital notepads or spreadsheets. We recommend using a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager like TeamPassword</a> to create and store your credentials.</li>
</ol>
&rlm;&rlm;&lrm; &lrm;
<h2>Why You Need a Password Manager like TeamPassword</h2>
We have so many accounts these days; it's almost impossible to create unique, memorable, secure passwords for each one. A password manager solves this problem.
Instead of remembering the credentials for every account, you only need to memorize the one to log into your password manager.&nbsp;
TeamPassword keeps all of your credentials safely stored and encrypted, so you never have to memorize a password again. Instead of entering your credentials, you use one of TeamPassword's browser extensions (Chrome, Firefox, and Safari) to log into accounts.
<h3>Built for Teams</h3>
TeamPassword's best feature is its ability to share credentials with team members securely. Instead of sharing passwords, you provide access through TeamPassword.&nbsp;
Employees <a href="https://app.teampassword.com/dashboard#signup/testimonial">use TeamPassword</a> to log in, meaning you never share raw passwords&mdash;no more worrying about unauthorized access or sharing.
You can create groups in TeamPassword to share access with employees, clients, contractors, and freelancers. When someone no longer needs access, remove them from the group with a single click. No need to change passwords every time someone leaves a project!
<h3>Built-In Password Generator</h3>
TeamPassword features a built-in secure password manager so you can create robust passwords for every account. TeamPassword also ensures you never reuse the same credentials so that you won't fall victim to credential stuffing attacks!
With a built-in password generator, you can change passwords regularly, and TeamPassword will update the new credentials for all users!
<h3>Monitor Login Activity</h3>
TeamPassword's activity log keeps track of every action across all of your accounts&mdash;logins, password changes, new team members, sharing access, and more.
You can also set up email notifications for all TeamPassword actions so that you can react fast to any suspicious activity.
<h3>Get Your Free TeamPassword Trial</h3>
Password encryption is not enough to protect your business from password vulnerabilities! You need a robust password manager like TeamPassword to create, store, and share credentials securely.
&rlm;&rlm;&lrm; &lrm;
<a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day free trial</a> and let TeamPassword secure your company's digital assets.

Password encryption is the number one component of password security. TeamPassword encrypts passwords with state-of-the-art technology to keep passwords safe.

Password encryption is the number one component of password security. TeamPassword encrypts passwords with state-of-the-art technology to keep ...

What is password encryption and how much is enough?

Gothic Panda is a known Chinese state-sponsored cyberespionage group. The highly skilled attackers regularly use zero-day exploits to breach networks&mdash;a sophisticated hacking technique that takes weeks or months to execute.
The group has been operating since the mid-2000s attacking various state contractors in the United States and US government entities.
We saw a <a href="https://teampassword.com/blog/the-biggest-data-breaches-of-2020">significant increase in cyber-attacks in 2020</a>. Is your business protected?
&rlm;&rlm;&lrm; &lrm;
Sign up for a <a href="https://app.teampassword.com/dashboard#signup/testimonial">free 14-day TeamPassword trial</a> and protect your company's digital assets from attacks!
&rlm;&rlm;&lrm; &lrm;
<h2>Who is Gothic Panda?</h2>
Gothic Panda is an advanced persistent threat group known to US Intelligence as APT3. Investigations revealed that Gothic Panda has direct links to the Chinese Ministry of State Security (MSS) and other Chinese agencies.
Until 2015, Gothic Panda's primary target was the United States. But, since March 2016, the group's focus shifted to Hong Kong, where they attacked political entities and critics of the Chinese Communist Party.
<h3>Gothic Panda Aliases</h3>
Gothic Panda goes by many aliases assigned by intelligence agencies and security firms.
<ul>
<li style="font-weight: 400;" aria-level="1">APT3 (Advanced Persistent Threat 3 - US federal government classification)</li>
<li style="font-weight: 400;" aria-level="1">Buckeye</li>
<li style="font-weight: 400;" aria-level="1">TG-0110</li>
<li style="font-weight: 400;" aria-level="1">Bronze Mayfair</li>
<li style="font-weight: 400;" aria-level="1">UPS Team</li>
<li style="font-weight: 400;" aria-level="1">Group 6</li>
<li style="font-weight: 400;" aria-level="1">Pirpi</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
<h2>What does Gothic Panda do?</h2>
Gothic Panda hacks tech, transportation, telecommunications, aerospace, and defense companies to steal intellectual property.&nbsp;
In addition, the group attacks India, Vietnam, Hong Kong, the US, and NATO-aligned state entities to gather intelligence and steal state secrets.
Gothic Panda has an extensive range of tools and techniques to breach systems and networks. The group is especially good at zero-day exploits and spear-phishing attacks.
Once inside a system, Gothic Panda uses highly sophisticated tools to provide remote access, create multiple "backdoors," and remain undetected for months.
&rlm;&rlm;&lrm; &lrm;
<h2>Famous Gothic Panda Attacks</h2>
Due to the sensitive data and the high-level state entities Gothic Panda targets, we know little about many of the group's attacks.
<h3>Operation Clandestine Fox - 2014</h3>
Operation Clandestine Fox is one of Gothic Panda's first significant zero-day attacks. The group discovered an unknown vulnerability in Microsoft's Internet Explorer (IE), allowing them to get around the browser's security features.
By circumventing IE's security, Gothic Panda could infect a user's device through watering-hole attacks. The security vulnerability affected an Adobe Flash plugin for IE6 to IE11, but Gothic Panda targeted IE9 and IE10 users.
Disabling Adobe Flash meant you could use IE without worrying about the attack, but most people discontinued using Microsoft's browser until they fixed the problem&mdash;some never returned to IE!
Luckily, FireEye Research Labs found the zero-day exploit early. Still, it took several days for Microsoft to fix the vulnerability, and only a few users fell victim to Operation Clandestine Fox.
In a statement, Microsoft stated: "The reality is there have been a very small number of attacks based on this particular vulnerability and concerns were, frankly, overblown."
<h3>Operation Clandestine Fox - Part 2 - 2014</h3>
Shortly after Microsoft fixed IE, Gothic Panda switched tactics to contacting US companies through a spear-phishing campaign.&nbsp;
The perpetrators would first "friend" or "follow" a victim's friends and family on social media. Next, they would send direct messages (DMs) and emails pitching themselves as potential tech candidates looking for work.
The correspondence contained malicious links and attachments designed to provide Gothic Panda access to the user's device.
The tools and tactics were identical to Operation Clandestine Fox, leading investigators to believe the group had quickly changed its method of attack after the Microsoft patch on IE.
<h3>DoublePulsar Backdoor - 2016</h3>
In 2017, hacker group The Shadow Brokers leaked tools and zero-day exploits from "Equation Group," a suspected branch of the National Security Agency (NSA).
While there was no evidence to tie Gothic Panda to The Shadow Brokers leak in 2017, the group used variants of Equation Group's leaked tools in 2016 for cyberattacks in Belgium, Luxembourg, Hong Kong, Vietnam, and the Philippines.
Investigators believe that either Gothic Panda had stolen these tools earlier or The Shadow Brokers weren't the source of the 2017 leak.
<h3>C919 airplane - 2010 to 2015</h3>
A 2019 report from security firm CrowdStrike shows how the Chinese Ministry of State Security used multiple hacker groups, including Gothic Panda, to breach aviation and aerospace companies worldwide.
When hackers could not breach a target, the MSS recruited Chinese nationals working at these companies to install malware on the victim's network.
The MSS wanted to steal intellectual property to help a Chinese state-owned aerospace manufacturer build its C919 airplane.&nbsp;
The operation was a success for China, but experts pointed out more than 20 parts and equipment on the C919 stolen from primarily European and American companies.
The United States indicted several Chinese nationals, but China hasn't responded to requests for extradition.
&rlm;&rlm;&lrm; &lrm;
<h2>Protect Your Business from Cyber Attacks</h2>
Cyber attacks are increasing at an alarming rate. We saw many <a href="https://teampassword.com/blog/the-biggest-data-breaches-of-2020">significant data breaches in 2020</a>, including the infamous SolarWinds attack and the <a href="https://teampassword.com/blog/what-happened-with-the-cam4-data-leak">CAM4 data leak</a>.
More recently, we've seen how attackers <a href="https://teampassword.com/blog/t-mobile-data-breach-2021-what-happened">breached T-Mobile</a>, affecting around 40 million users!
Preventing attacks starts with <a href="https://teampassword.com/blog/your-passwords-are-only-as-secure-as-your-teams">educating employees about cybersecurity risks</a>. Most attacks happen due to human error, so a well-educated, vigilant team will thwart most attacks.
Secondly, make sure you update software, firmware, and applications as soon as an update is released. These updates often fix zero-day exploits and other vulnerabilities groups like Gothic Panda use for attacks.
The next step is to protect your passwords. Using a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager like TeamPassword</a> allows you to <a href="https://teampassword.com/blog/how-to-safely-share-passwords-with-coworkers">share access safely</a> without exposing passwords.
Instead of entering credentials, team members use one of TeamPassword's browser extensions (Chrome, Firefox, and Safari) to log in to social media, productivity tools, web apps, and other accounts your company uses.
You can create groups for sharing credentials and remove a team member when they no longer need access. This feature is fantastic for businesses that regularly <a href="https://teampassword.com/blog/keeping-data-secure-when-working-with-freelancers">share passwords with freelancers and contractors</a>.
Instead of sharing multiple passwords, you share one key to unlock them all. <a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> has an activity log and email notifications so you can monitor user behavior and prevent unauthorized access.
Other TeamPassword security features include:
<ul>
<li style="font-weight: 400;" aria-level="1">Two-factor authentication (2FA)</li>
<li style="font-weight: 400;" aria-level="1">Built-in secure password generator</li>
<li style="font-weight: 400;" aria-level="1">Advanced encryption technology</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
TeamPassword offers a <a href="https://app.teampassword.com/dashboard#signup/testimonial">free 14-day trial</a> for businesses to test the password manager's features with team members.

Gothic Panda is a known Chinese state-sponsored cyberespionage group, so what can you do to protect yourself from Gothic Panda?

Gothic Panda is a known Chinese state-sponsored cyberespionage group, so what can you do to protect yourself from ...

Who is Gothic Panda and how can you protect yourself?

Energetic Bear is likely one of Russia's oldest cyberespionage groups. Active since around 2005, Energetic Bear primarily attacks US infrastructure with a preference for the energy sector.
US Intelligence has linked Energetic Bear to Russia's FSB (formally the KGB), but it's unclear if the group works directly for Russian Intelligence or operates as a contractor. There is speculation that Energetic Bear moonlights as a criminal gang to hide its direct ties to the Russian government.
We saw some <a href="https://teampassword.com/blog/the-biggest-data-breaches-of-2020">big data breaches in 2020</a>! Make sure your company is secure.
&rlm;&rlm;&lrm; &lrm;
<a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day TeamPassword trial</a> to prevent attackers from stealing your company's many account credentials.
&rlm;&rlm;&lrm; &lrm;
<h2>Who is Energetic Bear?</h2>
Energetic Bear is a Russian advanced persistent threat that regularly attacks US government infrastructure, including private contractors, to gather intelligence.
While Energetic Bear seems to focus on the United States, German intelligence linked the group to several 2020 attacks against the country's energy, water, and power sectors.
Energetic Bear got its name from CrowdStrike. "Energetic" being the group's codename, while "Bear" refers to a Russian advanced persistent threat group.
<h3>Energetic Bear Aliases</h3>
<ul>
<li style="font-weight: 400;" aria-level="1">Berserk Bear (Just as commonly used to reference the group as Energetic Bear)</li>
<li style="font-weight: 400;" aria-level="1">Crouching Yeti</li>
<li style="font-weight: 400;" aria-level="1">Dragonfly</li>
<li style="font-weight: 400;" aria-level="1">Dragonfly 2.0 (There is some indication that this group is a sub-group or close affiliate of Energetic Bear)</li>
<li style="font-weight: 400;" aria-level="1">DYMALLOY</li>
<li style="font-weight: 400;" aria-level="1">Dymallos</li>
<li style="font-weight: 400;" aria-level="1">Havex (One of the group's custom malware)</li>
<li style="font-weight: 400;" aria-level="1">IRON LIBERTY</li>
<li style="font-weight: 400;" aria-level="1">Koala</li>
<li style="font-weight: 400;" aria-level="1">TeamSpy</li>
<li style="font-weight: 400;" aria-level="1">TG-4192</li>
<li style="font-weight: 400;" aria-level="1">Castle</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
<h2>What does Energetic Bear do?</h2>
Energetic Bear's primary goal is to collect intelligence and steal intellectual property in the energy industry, but they often try to breach aviation networks.
What makes Energetic Bear unique compared to other advanced persistent threat groups is its focus. Many cyberespionage groups attempt to access any multinational or government organization&mdash;Energetic Bear never strays far from utility infrastructure.
US Intelligence agencies and security analysts believe Energetic Bear's goal is to delegitimize SLTT (state, local, tribal, and territorial) government entities. By doing so, Energetic Bear can destabilize the country (or regions) and possibly influence elections.
The group is known for using several modes of attack, including spear-phishing, waterhole attacks, and compromising legitimate software packages.
Most of their toolsets are custom-made by the group, and their tactical, methodical approach allows Energetic Bear to remain undetected for long periods.
&rlm;&rlm;&lrm; &lrm;
<h2>Famous Energetic Bear Attacks</h2>
As an active group since around 2005, Energetic Bear has been involved in many cyber attacks. Energetic Bear is also known for mimicking other hacker groups, making it difficult to know the extent of their crimes.
<h3>LightsOut Exploit - 2014</h3>
In 2014, Energetic Bear (identified as Dragonfly during this attack) used a watering hole attack to target multiple organizations in the energy sector.
Dragonfly compromised the website of a law firm that works with US energy firms to redirect users to another website while simultaneously installing a LightsOut exploit kit on the user's browser.
The LightsOut exploit kit conducts several diagnostics on the user's device to determine which malware and trojans to deploy. It then drops and attempts to install malicious payloads on the user's device.
Energetic Bear can then monitor the device, including configurations, clipboard data, and keystrokes. This information allows Energetic Bear to gather credentials and configurations to log into systems and networks.
Reports are vague about the extent of Energetic Bear's victims or the data compromised during the 2014 attacks.
<h3>United States Federal Government Data Breach - 2020</h3>
Energetic Bear is a prime suspect in one of the United States' worst cyberespionage incidents in history.&nbsp;
The 2020 attack infiltrated multiple US federal government institutions, including the US Treasury Department, the National Telecommunications and Information Administration, the US Department of Commerce, and many more.
Beyond the United States, the Energetic Bear stole data that affected NATO, the UK government, the European Parliament, and at least 200 more foreign organizations.
The attackers used multiple entry points, and investigators estimate the group was active on the network for eight to nine months before being detected.
Software vulnerabilities in Microsoft and VMware provided Energetic Bear with emails and other documents to carry out spear-phishing attacks. At the same time, stolen credentials from SolarWinds's Orion software provided further access.
Investigators believe this was a coordinated effort from several Russian cyberespionage groups, including Energetic Bear, <a href="https://teampassword.com/blog/who-is-fancy-bear-and-how-can-you-protect-yourself">Fancy Bear</a>, and <a href="https://teampassword.com/blog/who-is-cozy-bear-and-how-can-you-protect-yourself">Cozy Bear</a>.
&rlm;&rlm;&rlm;&lrm; &lrm;&lrm; &lrm;&nbsp;
<h2>Is Your Company Prepared for Cyber Attacks?</h2>
Stopping attackers like Energetic Bear is difficult but not impossible. While they use clever tactics and malware to infect a user's PC, they still need to steal login credentials to gain full access.
A <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager</a> allows your team members to access systems, accounts, and web applications without using raw credentials. So, even if an attacker is monitoring their device, they'll never expose account passwords.
<h3>Protecting Your Business with TeamPassword</h3>
<a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> is a robust password manager designed for sharing credentials safely amongst team members, contractors, and freelancers.
Instead of using raw credentials, team members use one of TeamPassword's browser extensions (Chrome, Firefox, and Safari) to login into apps, software, and online accounts.&nbsp;
You can create groups for sharing passwords and only provide access to those who need it. Because team members use TeamPassword, they never see the actual password, mitigating the risk of authorized <a href="https://teampassword.com/blog/how-to-safely-share-passwords-with-coworkers">credential sharing</a>.
And, when a team member no longer needs access, remove them with one click. No need to change passwords every time someone leaves a project!
If you need to change credentials, TeamPassword's built-in <a href="https://teampassword.com/password-generator">secure password generator</a> allows you to create a unique 12-32 character password instantly. TeamPassword also updates these new credentials for all users.
One of TeamPassword's best security features is <a href="https://teampassword.com/blog/password-manager-with-2fa">two-factor authentication (2FA)</a>. By setting up 2FA, team members must use Google Authenticate to access their TeamPassword account. So, even if attackers steal login credentials, they can't access TeamPassword without the second authentication step.
Another fantastic security feature is TeamPassword's activity log and email notifications. With the activity log, you can review every action from users on TeamPassword, making it easy to identify who is responsible for the authorized credential sharing or login attempts.
Additionally, you can set up email notifications to live-track every TeamPassword action (logins, password sharing, new accounts, and more).
&rlm;&rlm;&lrm; &lrm;
<h2>Secure Your Company's Digital Assets Today!</h2>
Stop sharing passwords in spreadsheets and emails&mdash;exposing your business, customers, and clients to cyber-attacks!
&rlm;&rlm;&lrm; &lrm;
Sign up for a <a href="https://app.teampassword.com/dashboard#signup/testimonial">14-day TeamPassword trial</a> and test our robust password manager with your team.

Energetic Bear is likely one of Russia's oldest hacker groups. What have they done during their time being active? let's take a dive in.

Energetic Bear is likely one of Russia's oldest hacker groups. What have they done during their time being ...

Who is Energetic Bear and how can you protect yourself?

Emissary Panda is a Chinese advanced persistent threat group notorious for using strategic Web compromises to target victims.
The group has been around since 2010 and is still highly active to this day&mdash;attacking governments and multinational corporations worldwide.
Cyber attacks are increasing at an alarming rate! Does your company have effective cybersecurity tools and systems to mitigate breaches? <a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> allows you to protect your company's digital assets with a <a href="https://app.teampassword.com/dashboard#signup/testimonial">secure password management tool</a>.
&rlm;&rlm;&lrm; &lrm;
Try our <a href="https://app.teampassword.com/dashboard#signup/testimonial" rel="follow">14-day free trai</a>l to protect yourself
&rlm;&rlm;&lrm; &lrm;
<h2>Who is Emissary Panda?</h2>
Emissary Panda is a Chinese cyberespionage group that primarily targets aerospace, government, defense, technology, energy, and various manufacturing sectors.
Emissary Panda has been active since at least 2010 when they breached US defense contractors stealing terabytes of data!
The group is highly active in the Middle East and Asia and regularly attacks NATO allies, including the United States.
Emissary Panda got its name from the security firm CrowdStrike. "Emissary" being the group's codename, while "Panda" refers to a Chinese advanced persistent threat.
<h3>Emissary Panda Aliases</h3>
Emissary Panda goes by several aliases, including:
<ul>
<li style="font-weight: 400;" aria-level="1">TG-3390</li>
<li style="font-weight: 400;" aria-level="1">BRONZE UNION</li>
<li style="font-weight: 400;" aria-level="1">APT27 (Advanced Persistent Threat 27 - US federal government classification)</li>
<li style="font-weight: 400;" aria-level="1">Iron Tiger</li>
<li style="font-weight: 400;" aria-level="1">LuckyMouse</li>
<li style="font-weight: 400;" aria-level="1">TEMP.Hippo</li>
<li style="font-weight: 400;" aria-level="1">Red Phoenix</li>
<li style="font-weight: 400;" aria-level="1">Budworm</li>
<li style="font-weight: 400;" aria-level="1">Group 35</li>
<li style="font-weight: 400;" aria-level="1">ZipToken</li>
</ul>
Emissary Panda has collaborated with other Chinese cyberespionage groups, including Turbine Panda, Deep Panda, and APT26.
&rlm;&rlm;&lrm; &lrm;
<h2>What does Emissary Panda do?</h2>
Emissary Panda attacks government institutions and multinational organizations to steal state secrets and intellectual property.
The group is famous for installing web shells through software vulnerabilities and then installing multiple "backdoors," making it difficult to eradicate the attackers from a system.
Emissary Panda's malware and trojans are highly advanced, making it near impossible to detect the group or its movements through a network. The attackers use various pieces of malware to provide remote access, install backdoors, and hide their tracks by deleting user activity logs.
In some instances, Emissary Panda uses a mix of software vulnerabilities and spear-phishing to breach networks.
What makes Emissary Panda unique is the group's well-planned operations, often working for years before breaching their final target.&nbsp;&nbsp;
Until 2020, Emissary Panda's primary focus was cyber espionage and intelligence gathering. But since 2020, investigators have linked Emissary Panda to multiple <a href="https://teampassword.com/blog/colonial-pipeline-ransomware-attack-dont-reuse-passwords">ransomware attacks</a>.
&rlm;&rlm;&lrm; &lrm;
<h2>Famous Emissary Panda Attacks</h2>
Emissary Panda is a highly active group, constantly attacking organizations to steal information. These are just a few examples of Emissary Panda's attacks but showcase the sophisticated level of planning and execution.
<h3>Operation "Iron Tiger" - 2010 - 2013</h3>
Emissary Panda's first major attack was against a US defense contractor in 2013. But the operation started in Asia in 2010.
The group managed to steal a significant amount of military data, including emails, intellectual property, and strategic planning documents.
Iron Tiger was a well-coordinated cyberespionage operation spanning two continents with targets in Hong Kong, China, Tibet, the Philippines, and the United States.
In 2010, the attackers used spear-phishing attacks to target victims in China, Hong Kong, the Philippines, and Tibet. After breaching a system, Emissary Panda would lie silently, gathering intelligence.
After three years, Emissary Panda had the information it needed to go after bigger fish, mostly technology contractors for the United States government.&nbsp;
By the end of Operation "Iron Tiger," Emissary Panda had stolen terabytes of data, most of it from the United States. The sensitivity of this data posed a severe threat to US intelligence and military organizations.&nbsp;
<h3>Multiple Watering-Hole Attacks - 2015</h3>
In 2015, Dell SecureWorks unveiled a report at the Black Hat information security conference in Las Vegas.&nbsp;
The report detailed how Emissary Panda used more than 100 legitimate websites (for watering-hole attacks) to breach at least 50 US and UK organizations.&nbsp;
Emissary Panda relied on program vulnerabilities to inject malicious code into legitimate websites&mdash;mostly embassies and NGOs. Visitors would use the website as usual but navigating from one page to the next would automatically download an exploit onto the user's device.
The exploit would automatically set up a web shell for Emissary Panda to access the PC while at the same time creating backdoors and erasing user logs to remain undetected.
Emissary Panda spent time gathering intelligence and stealing credentials as they moved laterally through systems and networks. In some cases, they used spear-phishing attacks sent from legitimate email addresses to access other networks and organizations.
<h3>Emissary Panda's First Known Ransomware Attack - 2020</h3>
In 2020, Emissary Panda switched from cyber espionage to ransomware attacks&mdash;a highly unusual move for a typical advanced persistent threat group. The group targeted multiple gaming companies worldwide, breaching at least one.
The breach started at a third-party supplier, twice removed from the actual target before Emissary Panda eventually broke into the gaming company.
The group installed web shells and created multiple backdoors making it impossible to remove the attackers.
It's unclear who the gaming company was or whether or not they paid a ransom.
This attack shows that Emissary Panda is capable and willing to engage in all sorts of cybercrimes and not just gather intelligence.
&rlm;&rlm;&lrm; &lrm;
<h2>How Can You Protect Yourself Against Cyber Attacks?</h2>
Preventing a group like Emissary Panda is extremely difficult. These attackers rely on software vulnerabilities and human error to breach a target&mdash;often trying multiple attempts over many months and years.
The first step to prevent these sorts of attacks is for companies to update software and firmware regularly. These updates provide crucial bug fixes&mdash;the types of vulnerabilities that groups like Emissary Panda use to stage an attack.
Effective <a href="https://teampassword.com/blog/cybersecurity-for-small-businesses">cybersecurity is essential for small businesses</a>, especially if you work with <a href="https://teampassword.com/blog/keeping-data-secure-when-working-with-freelancers">contractors and freelancers</a>. We learn from Emissary Panda that cyber criminals often attack 3rd party providers to gain access to bigger fish.
&rlm;&rlm;&lrm; &lrm;
<h2>Secure Your Business with TeamPassword</h2>
TeamPassword is a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager</a> designed for secure account authentication and safe credential sharing. You never share raw passwords, eliminating the risk of authorized access or sharing.
With TeamPassword, you can create groups for various accounts, so you only provide access to those who need it. When a team member no longer needs access, simply remove them with one click.
The password manager comes with two-factor authentication, preventing a full breach if attackers steal a user's credentials. <a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> also features an activity log, and you can set up email notifications for every action on the password manager.
Protect your company's digital assets with TeamPassword. Get a <a href="https://app.teampassword.com/dashboard#signup/testimonial">14-day free trial</a> to test our robust password management tool with your team today!

Emissary Panda is a Chinese cyberespionage group that has been active from 2010, but what really is Emissary Panda and what have they done?

Emissary Panda is a Chinese cyberespionage group that has been active from 2010, but what really is Emissary ...

Who is Emissary Panda and how can you protect yourself?

Who is Emissary Panda and How Can You Protect Yourself?

Deep Panda is a cyber espionage group from China with suspected links to the Chinese government. The group is highly sophisticated and diligent at covering its tracks&mdash;hence there is no clear evidence of who these individuals are or their affiliations.
All intelligence agencies and cyber security firms know for sure is that Deep Panda operates out of China.
With cyber-attacks on the rise, ALL companies must keep account credentials safe using a password manager like TeamPassword. <a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day free trial</a>.
&rlm;&rlm;&lrm; &lrm;
<h2>Who is Deep Panda?</h2>
CrowdStrike was the first security firm to discover Deep Panda back in 2011 when the cyberespionage group attempted to hack a Fortune 500 company.
"Deep" is the group's reference name, while "Panda" is CrowdStrike's codename for Chinese hacker groups.
Deep Panda focuses on defense, finance, energy, pharmaceutical, telecommunications, high tech, education, manufacturing, and legal services.
The group primarily targets US governmental institutions and multinational corporations to steal state secrets and intellectual property. Security firms and intelligence agencies have also linked Deep Panda to Southeast Asia, Japan, and South America cyber attacks.
<h3>Deep Panda Aliases</h3>
Deep Panda has several aliases from security agencies and references to the group's malware.
<ul>
<li style="font-weight: 400;" aria-level="1">PinkPanther</li>
<li style="font-weight: 400;" aria-level="1">KungFu Kittens</li>
<li style="font-weight: 400;" aria-level="1">Group 72</li>
<li style="font-weight: 400;" aria-level="1">Shell Crew</li>
<li style="font-weight: 400;" aria-level="1">Black Vine</li>
<li style="font-weight: 400;" aria-level="1">WebMasters</li>
<li style="font-weight: 400;" aria-level="1">APT19 (Advanced Persistent Threat 19 - US federal government classification) - there is some contention among analysts whether Deep Panda is APT19.</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
<h2>What does Deep Panda do?</h2>
Deep Panda's primary goal is to infiltrate networks to gather intelligence and steal state and private organization's secrets.
The group is highly organized and is known to remain undetected on networks for months at a time. Even when security teams know Deep Panda is on a network, it can take months to remove them completely.
Deep Panda uses multiple pieces of malware in a single attack. These packages help Deep Panda connect to a device or network, write code to infect other connected systems, and remove log data so that anyone monitoring the system won't know the group is online.
Deep Panda is also excellent at creating multiple "backdoors" once inside a system. These backdoors give Deep Panda continued access to a system, even when security teams change everyone's passwords.
In most cases, it takes months to get Deep Panda off of a network because they keep creating backdoors to outsmart those trying to remove them.
&rlm;&rlm;&lrm; &lrm;
<h2>Famous Deep Panda Attacks</h2>
Deep Panda is behind some of the most intricate and sophisticated attacks over the last decade. These are some of the group's biggest hits.
It's important to note that authorities and security analysts only suspect Deep Panda's involvement in these crimes due to the modus operandi and toolsets used in these attacks.
<h3>Adobe Breach 2013</h3>
In mid-2013, Deep Panda breached the Adobe ColdFusion web app server via a known software vulnerability.
Once inside, Deep Panda quickly installed malware, created backdoors, and began stealing user data, including usernames, passwords, and payment data, for 38 million Adobe users.
In addition, the group stole source code for Adobe Acrobat, Adobe Reader, Photoshop, and ColdFusion.
To rub salt in the wounds, Adobe had to settle a $1 million lawsuit filed by 15 state attorneys general.
<h3>United States Office of Personnel Management (OPM) Breach - 2015</h3>
In 2015, Deep Panda breached OPM with the intent of stealing government employee data. The group managed to steal 22.1 million government employees' personal records, including associated friends and family background checks.
At the time, the OPM attack was recorded as the biggest government data breach in history.
The records included full names, SSNs, dates and places of birth, and physical addresses.
Deep Panda managed to breach OPM's systems twice. In one of the breaches, attackers posed as an employee of OPM subcontractor, KeyPoint Government Solutions, to acquire legitimate login credentials.
Hackers used PlugX to create a backdoor into the system, a signature Deep Panda maneuver.
In 2017, the FBI arrested Chinese national Yu Pingan at LA International Airport for providing the "Sakula" malware used in the OPM data breach. Pingan spent 18 months in a federal detention center before pleading guilty. The US deported Pingan in 2019.
Security analysts believe the OPM attack was part of an operation to build a database of US government employees. The Chinese government uses these databases to recruit spies or bribe to obtain government secrets.
<h3>Anthem Medical Data Breach - 2015</h3>
In 2015 hackers breached Anthem's systems stealing approximately 80 million personal records&mdash;excluding payment and medical data.
The records included the following personal information:
<ul>
<li style="font-weight: 400;" aria-level="1">Full names</li>
<li style="font-weight: 400;" aria-level="1">Date of birth</li>
<li style="font-weight: 400;" aria-level="1">Medical IDs</li>
<li style="font-weight: 400;" aria-level="1">SSNs</li>
<li style="font-weight: 400;" aria-level="1">Home addresses</li>
<li style="font-weight: 400;" aria-level="1">Email addresses</li>
<li style="font-weight: 400;" aria-level="1">Employment information</li>
<li style="font-weight: 400;" aria-level="1">Income data</li>
</ul>
Analysts warned that criminals could use the Anthem data for identity theft scams or spear-phishing attacks.
US authorities have withheld any information to implicate any criminal group but have indicated that a foreign government likely ordered the attack.
Security analysts speculate that Deep Panda is responsible for the Anthem breach.
&rlm;&rlm;&lrm; &lrm;
<h2>How Does Deep Panda Breach Networks?</h2>
Deep Panda is highly skilled at finding software vulnerabilities and carrying out sophisticated social engineering attacks.
Deep Panda likely receives information from spies to acquire the intelligence necessary to carry out its attacks.&nbsp;
When Deep Panda breaches a system via a software vulnerability, they often set up a fake user to deploy a spear-phishing attack. Because the correspondence appears to come from the network, it's almost impossible for employees to know it's malicious.
Once a user clicks on one of the links, Deep Panda has access to the device and connected networks.
&rlm;&rlm;&lrm; &lrm;
<h2>How Can You Protect Yourself?</h2>
An advanced persistent threat is only concerned with institutions and businesses linked to governments or multinational corporations. While it's highly unlikely Deep Panda will ever attack your business, hackers using similar tactics might!
At TeamPassword, we're always advocating for businesses to <a href="https://teampassword.com/blog/cyber-security-awareness-month-and-teampassword">promote cyber security awareness</a>. Security vulnerabilities constantly evolve, so companies must regularly host cyber awareness sessions, especially if your team comprises <a href="https://teampassword.com/blog/5-tips-to-increase-security-for-your-remote-workforce">remote workers and freelancers</a>.
<h3>TeamPassword&mdash;Your First Line of Defence</h3>
<a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> makes sharing login credentials with coworkers and freelancers safe and easy. Use our built-in <a href="https://teampassword.com/password-generator">strong password generator</a> to create unique credentials for every account.
With all your passwords in one place, team members only need one of TeamPassword's browser extensions (Chrome, Firefox, and Safari) to log into websites, social media accounts, productivity tools, and more.
Our <a href="https://teampassword.com/blog/password-manager-with-2fa">password manager includes two-factor authentication (2FA)</a>, so even if attackers steal an employee's password, they can't gain access to your TeamPassword account.
Get the password manager with robust security features built for sharing. Let TeamPassword manage authentication so you can focus on creating amazing products and services for your customers.
<a href="https://app.teampassword.com/dashboard#signup/testimonial">&rlm;&rlm;&lrm; &lrm;Start your free 14-day TeamPassword trial today</a>.

Deep Panda is a cyber espionage group from China. What have they done to become infamouse? Let's take a deep dive into Deep Panda.

Deep Panda is a cyber espionage group from China. What have they done to become infamouse? Let's take ...

Who is Deep Panda and how can you protect yourself?

Fancy Bear is a Russian cyber espionage group, but what is Fancy Bear, and what have they done? Let us have a deep dive into Fancy Bear.

Fancy Bear is a Russian cyber espionage group, but what is Fancy Bear, and what have they done? ...

Who is Fancy Bear and how can you protect yourself?

With the fast-growing gig economy and websites like Upwork, Fiverr, and Freelancer, agencies can now offer a wide range of marketing and creative services with just a handful of full-time employees.
While this new age of distributed workforces enables startups to be competitive while empowering remote workers and freelancers, it does expose businesses and their clients to potential data security risks.
These data security risks involve basic <a href="https://app.teampassword.com/dashboard#signup/testimonial">password management</a> for most companies, but for others, there's the risk of exposing customer data and possibly contradicting data privacy laws.
Here are 10 things to consider to keep data secure when you&rsquo;re a business with a lot of remote workers and freelancers.
&rlm;&rlm;&lrm; &lrm;
If you are working with freelancers try Teampassword for <a href="https://app.teampassword.com/dashboard#signup/testimonial" rel="follow">14 days for free</a>
&rlm;&rlm;&lrm; &lrm;
<h2>Evaluate Risk &amp; Assign Data Security Protocols</h2>
Businesses working with remote workers and freelancers must evaluate levels of risk and the associated protocols.&nbsp;
For example, it might be ok for teams to log in to social media accounts remotely, but accessing client databases or financial information must only be accessed by vetted full-time employees working on a secure company network.
Once you set up these data protection protocols, you can determine which projects, tasks, and clients are for internal teams and which you can outsource to remote workers and freelancers.
It's important to note that these levels of security are guidelines and not a one-size-fits-all approach. While <a href="https://teampassword.com/blog/secure-password-sharing">secure password sharing</a> might be enough for some clients, high-risk multi-national organizations might require that only vetted, full-time employees on a secure company network access its accounts and systems.
&rlm;&rlm;&lrm; &lrm;
<h2>Limiting Access</h2>
Part of evaluating your data security risks is determining who needs access to tools and apps.&nbsp;
For example, if you use software to manage social media, is it necessary to give freelancers access to social media channels? Does a copywriter need access to your CMS, or can they submit articles via Microsoft Word or Google Docs? Should you give marketers access to analytics software or generate the reports they need and share via Excel or Sheets?
Even if your password management is watertight, companies must prioritize limiting access to tools and applications over convenience.
&rlm;&rlm;&lrm; &lrm;
<h2>Creating Access Levels</h2>
Another consideration within an organization is creating access levels for apps, tools, and access to data. Companies must treat every element of the organization on a need-to-know basis to minimize leaks and breaches.
With a tool like TeamPassword, these access levels can be associated with our groups and sharing feature, so there is no confusion over who is allowed access to what&mdash;especially when it comes to freelancer security policies.
&rlm;&rlm;&lrm; &lrm;
<h2>Educating Team Members About Data Security</h2>
Cybersecurity training is an essential part of mitigating potential data security risks. Depending on your security protocols, training might extend to freelancers.
Due to the ever-changing landscape of technology and cybercrimes, companies must keep employees and freelancers up-to-date with the latest scams and attacks. You might even consider a dedicated Slack channel or cybersecurity wiki to keep teams informed of the latest scams and attacks.
Companies should also educate teams about reacting to a breach or attack, such as shutting down servers, going offline, and communication protocols.
&rlm;&rlm;&lrm; &lrm;
<h2>Common Types of Data Breaches in 2021</h2>
The baseline for any data security training is for employees to understand two of the most common types of data breaches in 2021.&nbsp;
<h3>Malware Email or Messaging Attacks</h3>
With malware email attacks, cybercriminals send seemingly mundane messages or emails containing malicious links or file downloads.&nbsp;
Once the link or download is activated, criminals have complete access to a device, emails, messages, and any saved login credentials. The problem with these sorts of attacks is criminals can monitor a device indefinitely without being detected.
Many businesses will regularly test employees by sending "spoofed" emails and messages to see if anyone takes the bait. Employees who fail these tests must be retrained to ensure they're fully aware of malware scams and tactics.
<h3>Phishing</h3>
Phishing or social-engineering attacks are one of the most common cyber threats to companies and individuals. Cybercriminals will attempt to direct an individual to a site or app they think is legitimate to enter login credentials or personal information.
Using a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager like TeamPassword</a> eliminates the need for an employee to enter login credentials, reducing the risk of employees falling victim to phishing scams. Companies should also limit access to surfing the net and block access to sites without Secure Sockets Layer (SSL/HTTPS).
&rlm;&rlm;&lrm; &lrm;
<h2>Freelancers and Remote Works on Public Networks</h2>
One of the most significant issues companies face is how teams connect to the Internet. The romanticized notion of teams working from coffee shops poses a severe risk for data security. It's impossible to know who's monitoring a public network or if anyone is looking over a team member's shoulder while they work.
Policies around working on public WiFi come down to educating teams about potential risks. A strict VPN policy is an excellent first step. Still, employees should also be aware of their surroundings, people sitting near them, mirrors, CCTV cameras, and never leaving their computers or devices unattended.
Companies might also want to consider allocating portable WiFi devices to remote team members. While these devices are not entirely secure, it is better to be on a mobile network than public WiFi.
&rlm;&rlm;&lrm; &lrm;
<h2>Enterprise Mobility Management (EMM)</h2>
Businesses can control the access they give remote teams and freelancers working on their own devices through an effective Enterprise Mobility Management (EMM) policy.&nbsp;
EMM enables IT admins to monitor and manage both company and personal devices to corporate data security and protect sensitive data. These security management systems also allow IT departments to monitor a team member's WiFi network, determine its safety, and react to any suspicious activity. IT admins can remotely lock or wipe the device if a team member's device is lost or stolen.
&rlm;&rlm;&lrm; &lrm;
<h2>Regulations for Freelancer Security</h2>
Businesses must also consider the regulatory requirements of countries and states. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) is one of the only national data protection policies protecting against the access and sharing of health-related data.
California has one of the strictest data privacy regulations under the California Consumer Privacy Act (CCPA). The act goes beyond health-related data to protect every consumer across all industries.&nbsp;
Businesses contravening the CCPA face hefty fines and may be subject to class-action lawsuits. The act protects consumer's rights, affording them to:
<ul>
<li style="font-weight: 400;" aria-level="1">Know what data organizations collect about them</li>
<li style="font-weight: 400;" aria-level="1">Opt-out of data sales to third parties</li>
<li style="font-weight: 400;" aria-level="1">Access and download data collected about them</li>
<li style="font-weight: 400;" aria-level="1">Transfer their data to a different service</li>
<li style="font-weight: 400;" aria-level="1">Delete their data</li>
</ul>
US States implementing similar regulations include:
<ul>
<li style="font-weight: 400;" aria-level="1">Vermont</li>
<li style="font-weight: 400;" aria-level="1">Alabama</li>
<li style="font-weight: 400;" aria-level="1">South Dakota</li>
<li style="font-weight: 400;" aria-level="1">Arizona</li>
<li style="font-weight: 400;" aria-level="1">Colorado</li>
<li style="font-weight: 400;" aria-level="1">Oregon</li>
<li style="font-weight: 400;" aria-level="1">Virginia</li>
<li style="font-weight: 400;" aria-level="1">New Jersey</li>
<li style="font-weight: 400;" aria-level="1">Rhode Island</li>
</ul>
With heightened awareness around <a href="https://teampassword.com/blog/the-scariest-data-breaches-of-all-time">data breaches</a> and cybercrime, we will likely see similar laws passed at the federal level soon.
<h3>General Data Protection Regulation (GDPR)</h3>
Europe's GDPR is the strictest privacy law globally and will likely become the global standard for other nations to model data protection regulations.
GDPR doesn't just protect EU consumers but anyone trading with EU merchants or even travelers passing through the region. The laws also extend to the hiring of remote workers and freelancers.
Leaking an email database or <a href="https://teampassword.com/blog/top-five-mistakes-when-sharing-passwords-with-your-team">negligent password management</a> could see fines of as much as &euro;10 million or 2 percent of a company's annual revenue.
&rlm;&rlm;&lrm; &lrm;
<h2>Robust Password Management</h2>
If you need to give freelancers access to shared tools or apps, then a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager</a> is essential. In fact, password managers must be used whenever you share login credentials for apps, tools, and accounts, even for internal staff members.
TeamPassword allows companies to <a href="https://teampassword.com/blog/how-to-safely-share-passwords-with-coworkers">share passwords with coworkers safely</a>. By installing a browser extension, team members never see passwords, mitigating the risk of <a href="https://teampassword.com/blog/prevent-password-theft-from-ex-employees">password theft</a> or unauthorized sharing and access.
5 reasons to use TeamPassword when working with remote teams and freelancers:
<ul>
<li style="font-weight: 400;" aria-level="1">Secure Password Generator - With a secure password generator, you never have to worry about team members creating weak passwords or sharing credentials across tools or applications. TeamPassword's secure password generator allows you to create passwords up to 32 characters long with uppercase, lowercase, symbols, and numbers.</li>
<li style="font-weight: 400;" aria-level="1">Groups &amp; Sharing - Instead of sharing a username and password, you can add team members and freelancers to a TeamPassword group with access to a specific tool or app. Teams never see login credentials, and you can remove a team member with a single click.</li>
<li style="font-weight: 400;" aria-level="1">2-Step Verification (2FA) - <a href="https://teampassword.com/blog/password-manager-with-2fa">2FA</a> is essential for remote teams and freelancers. With 2FA, you reduce password breaches like credential stuffing, phishing, and brute force attacks, to name a few. 2FA is also effective against prying eyes in public spaces like coffee shops.&nbsp;</li>
<li style="font-weight: 400;" aria-level="1">Activity and Logging - Effective password management also requires that companies manage activity logs to react immediately to unauthorized access and sharing. Activity logs also help when investigating breaches.</li>
<li style="font-weight: 400;" aria-level="1">Email Notifications - TeamPassword alerts managers via email to any action or activity&mdash;a vital feature for monitoring data protection and access to sensitive tools and applications.</li>
</ul>
&rlm;&rlm;&lrm; &lrm;
Secure your data, tools, and apps with advanced secure encryption technology from TeamPassword. Start your <a href="https://app.teampassword.com/dashboard#signup/testimonial">free trial</a> and mitigate freelancer security risks and password sharing with <a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a>.

Freelancers can now offer creative services with just a handful of employees, but how do you keep your data safe when working with them?

Freelancers can now offer creative services with just a handful of employees, but how do you keep your ...

keeping data secure when working with Freelancers

Keeping Data Secure When Working With Freelancers

Team Password Blog | Author teampassword | Page 4

Learn what to do if you forgot your Facebook password and how to use TeamPassword to make sure you never forget a password again.

Learn what to do if you forgot your Facebook password and how to use TeamPassword to make sure ...

What to do if you forgot your Facebook password?

Usernames are essential for security and anonymity online. But some people come up with username ideas to stand out or align with a brand. Usernames can also help gain followers or build a social media following.
With so many possibilities, coming up with username ideas can be challenging! Luckily, there are plenty of tools and methods to create unique usernames.
Whether you're aiming for fame or privacy, we have username ideas to help you create unique usernames easily!
Using unique credentials (including passwords and usernames) can mitigate many cybersecurity vulnerabilities. When paired with a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager like TeamPassword</a>, strong usernames and passwords can protect you against attacks. Sign up for a 14-day free TeamPassword trial today!
&nbsp; &nbsp;&nbsp;
<h2>Why You Need to Use Unique Usernames</h2>
There are several reasons people want unique usernames ideas:
<ul>
<li style="font-weight: 400;" aria-level="1">Security</li>
<li style="font-weight: 400;" aria-level="1">Anonymity</li>
<li style="font-weight: 400;" aria-level="1">Popularity</li>
<li style="font-weight: 400;" aria-level="1">Humor</li>
<li style="font-weight: 400;" aria-level="1">Business name ideas</li>
</ul>
&nbsp; &nbsp; &nbsp;&nbsp;
<h3>Unique Usernames for Security</h3>
Many people don't know about the importance of using unique or secure usernames for online security. Reusing usernames can be just as troublesome as <a href="https://teampassword.com/blog/colonial-pipeline-ransomware-attack-dont-reuse-passwords">reusing passwords</a>.
If criminals steal your credentials from a <a href="https://teampassword.com/blog/category/data-breaches">data breach</a>, they can use your username to figure out where else you have accounts and deploy spear-phishing attacks using fake correspondence to steal your credentials.
For example, hackers sending you a "password reset" from Instagram because they "suspect suspicious activity!" If you use unique usernames for every account, the attackers won't find your Instagram profile!
Don't think that you won't fall for these ploys! Many individuals with regular cybersecurity training fall victim to phishing attacks.
In effect, unique usernames act as a second password, preventing anyone from finding your accounts with a single username.
&nbsp; &nbsp;&nbsp;
<h3>Unique Usernames for Anonymity</h3>
Aligned with security is anonymity. Maintaining anonymity online can protect you from cyberattacks and prevent work colleagues, clients, and other companies or individuals from finding you online.
Many people want to separate their professional profiles from their personal ones while maintaining an online presence. Using unique usernames can hide the profiles you prefer to keep private.
&nbsp; &nbsp;
<h3>Unique Usernames for Fame, Popularity, Attention</h3>
A good Instagram username can help you stand out and boost your online presence. If your username is unique or obscure, it could lead to more profile clicks and followers.
A good example is French Connection UK or @FCUK. At first glance, the username looks like an expletive, drawing people's attention to the brand.
People often use made-up words, obscure combinations, and other naming conventions to grab attention online.
&nbsp; &nbsp;
<h3>Unique Usernames for Humor</h3>
Humor is another reason people often want unique username ideas. For example, @PickledElephantTusk is sure to get people's attention and perhaps a chuckle at the ridiculousness.
Funny usernames are great for social media profiles, but you might want to avoid these if you're trying to aim for security or anonymity!
&nbsp; &nbsp;
<h3>Business Name Ideas</h3>
Most startups want a unique brand name, including URL and social media usernames. Startups can ensure that every digital touchpoint is unique to their brand by choosing an available unique username first.
While using the same username is necessary for branding on social media channels, companies should always choose different, unidentifiable usernames for non-public accounts&mdash;email marketing apps, keyword research tools, productivity tools, accounting apps, etc.
&nbsp; &nbsp;
<h2>How Can You Get Unique Usernames Ideas?</h2>
There are many places you go for unique username ideas. Here are a few of our best sources for inspiration:
<ul>
<li style="font-weight: 400;" aria-level="1">Pinterest</li>
<li style="font-weight: 400;" aria-level="1">Username generators</li>
<li style="font-weight: 400;" aria-level="1">Google Search - type a word and look through the autocompletes. This is also an excellent way to find trending usernames</li>
<li style="font-weight: 400;" aria-level="1">Instagram hashtags</li>
</ul>
&nbsp; &nbsp;
<h2>Here are a Couple of Methods for Thinking of Great Usernames Ideas</h2>
If you're looking for inspiration, here are three methods for coming up with great username ideas. We've included processes for creativity, speed, and security.
<h3>Creating Your Own Unique Usernames</h3>
The best way to create unique username ideas is by combining two or three mismatched words with a number. First, come up with two or three categories, and then pick a word from each.
For example, let&rsquo;s choose the two categories fish, and US State:
<ul>
<li style="font-weight: 400;" aria-level="1">US State: Idaho</li>
<li style="font-weight: 400;" aria-level="1">Fish: Pufferfish</li>
<li style="font-weight: 400;" aria-level="1">Number: 13</li>
<li style="font-weight: 400;" aria-level="1">@IdahoPufferfish13</li>
</ul>
You can come up with funny and cute usernames using this method. It's also a fantastic creative exercise some people might find entertaining.
&nbsp; &nbsp;
<h3>Use a Username Generator</h3>
If you don't want to waste time coming up with usernames yourself, a username generator is a fantastic option to create unique usernames fast!
Some username generator tools will let you add a prefix, suffix, or number and randomize the rest. This method works well if you're trying to find unique username ideas for a specific industry, like fitness, health, tech, etc.
Some username generators even provide a social media search function to see if your unique username is available on the relevant platforms&mdash;providing you speed and efficiency!
Random username generators are also excellent for security because you avoid familiarity, making it less likely for attackers to find you.
&nbsp; &nbsp;&nbsp;
<h3>Use a Password Generator</h3>
Password generators are great for creating unique username ideas. Password generators produce random strings with letters and numbers, significantly reducing the possibility of someone identifying you.
Try creating a username with TeamPassword's password generator:
<ol>
<li style="font-weight: 400;" aria-level="1">Visit our <a href="https://teampassword.com/password-generator">free password generator</a></li>
<li style="font-weight: 400;" aria-level="1">Deselect symbols (most platforms don't allow symbols in the username. Keep this selected if your platform does allow it!)</li>
<li style="font-weight: 400;" aria-level="1">Our password generator only allows a minimum of 12 characters. If you need a shorter user name, drop the characters you don't need</li>
<li style="font-weight: 400;" aria-level="1">Copy/paste your random username to use when signing up for a new account</li>
</ol>
Remember to use our password generator with uppercase, lowercase, symbols, and numbers to create a secure unique password.&nbsp;
TeamPassword's password manager features a built-in password generator that suggests and pastes a strong password into forms during signup or resets. <a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a free 14-day free trial</a> to start managing your usernames and passwords securely.
&nbsp; &nbsp;&nbsp;
<h2>How You Can Secure Your Accounts Using a Password Manager</h2>
Usernames and passwords are the keys to your individual and company accounts. These credentials prevent attackers from breaching your devices, networks, social media, apps, financial services, and more.
Most companies have hundreds of accounts requiring authentication daily. Often team members need to share access, especially for social media, research tools, productivity apps, store accounts, and marketing tools, to name a few.
<a href="https://teampassword.com/blog/secure-password-sharing">Sharing credentials</a> over email, chat, or via spreadsheets exposes your company, clients, employees, and users to many cybersecurity risks. In some states and countries, sharing passwords this way is illegal!
Using a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager</a> is a secure and efficient way to store and share your company's credentials.
Here are five reasons to choose TeamPassword for your company:
<ol>
<li style="font-weight: 400;" aria-level="1">Affordable - Enterprise-grade password managers are often expensive. TeamPassword provides small businesses, agencies, and startups with an affordable password management solution.</li>
<li style="font-weight: 400;" aria-level="1">Secure - TeamPassword is an <a href="https://teampassword.com/blog/what-is-password-encryption-and-how-much-is-enough">accredited secure hosting provider</a> using state-of-the-art encryption technology. We store your passwords using AES-256, trusted by US government agencies and many other organizations globally.</li>
<li style="font-weight: 400;" aria-level="1">Efficient - Share and revoke access in TeamPassword with a single click. Quickly create passwords using our built-in <a href="https://teampassword.com/password-generator">secure password generator</a>.</li>
<li style="font-weight: 400;" aria-level="1">Scalable - TeamPassword's plans scale with your business. Start with as few as five members and upgrade your plan as your workforce expands.</li>
<li style="font-weight: 400;" aria-level="1">Flexible - Employees can sign into accounts using TeamPassword's Chrome, Firefox, or Safari browser extensions&mdash;catering to both Apple and Windows users.&nbsp;&nbsp;</li>
</ol>
&nbsp; &nbsp;
<h2>Password Management With TeamPassword</h2>
TeamPassword makes it easy and secure to share credentials with employees, clients, freelancers, and contractors. Everyone gets a separate TeamPassword login to manage access and monitor activity.
TeamPassword encrypts your passwords, making it impossible for employees (or even TeamPassword staff) to preview raw credentials.
&nbsp; &nbsp;
<h3>Sharing Access With Groups</h3>
Add your team to TeamPassword and create groups to share access to your various accounts. If an employee, contractor, or freelancer leaves the team, simply remove them from the group&mdash;no need to worry about changing passwords!
If you're an agency working with multiple clients and accounts, one TeamPassword account is all you need! Just increase your plan accordingly.
&nbsp; &nbsp;
<h3>Activity Logging</h3>
Keep track of TeamPassword activity, just like an enterprise password manager does. Monitor logins, password changes, credential sharing, and more to spot suspicious activity.
TeamPassword also lets you set up email notifications&mdash;helpful in monitoring sensitive accounts or specific actions, like sharing or adding new users.
&nbsp; &nbsp;
<h3>Two-Factor Authentication (2FA)</h3>
Enabling 2FA on your TeamPassword account prevents attackers from gaining access, even if they steal your employee's username and password.
TeamPassword uses the Google Authenticator app (iOS &amp; Android), requiring a six-digital randomly generated code as the second authentication step. Without the employee's device, hackers can't complete TeamPassword authentication.
&nbsp; &nbsp; &nbsp;
<h2>Start With a Free Trial</h2>
Coming up with unique username ideas isn't enough to protect your company's digital assets from attack. Protect your company's usernames and passwords with <a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a>.
<a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day free trial</a> to test our robust and efficient sharing features with your team today!

See the best way to come up with a new username. We break down types of usernames and give you the best username ideas out there.

See the best way to come up with a new username. We break down types of usernames, why ...

Username ideas to make your logins more secure

See the best way to come up with a new username. We break down types of usernames, why secure usernames are important, and how to create them effectively!

Best types of usernames: username ideas to make your logins more secure

Over the last decade, the gig economy boom has allowed professionals worldwide to switch to freelancing and build a network of international clients.&nbsp;
According to Upwork, 1 in 3 US workers engaged in freelance work during 2020. Some of the most successful freelancers earn hundreds of thousands of dollars per year through platforms like Upwork, Freelancer, and Toptal.
&nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
Does your company hire freelancers? How do you <a href="https://teampassword.com/blog/should-i-share-data-with-freelancers">share passwords with freelancers</a>? TeamPassword is an affordable password management solution for small businesses, startups, and agencies to share credentials securely with team members and freelancers. <a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a 14-day free trial</a> today.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
<h2>10 Successful Freelancers</h2>
Here are ten successful freelancers and what they do. These freelancers have earned their place as experts in their given field with excellent track records&mdash;many have worked with the biggest companies in the world!
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>1. Marcos Rezende - UX designer - Canada</h3>
Marcos Rezende is a UX Designer from Ontario, Canada, with more than 13 years of experience. Marcos has worked in over 30 industry sectors for multinational organizations in the United States, Canada, Germany, and Brazil.&nbsp;
Some of Marcos' notable projects include apps for Ontario's COVID-19 dashboard, Urban Master Planning collaboration platform, and Reaction (kid's e-learning app), to name a few.&nbsp;
Marcos loves sharing his industry expertise with aspiring UX designers and regularly writes for the popular UX publication Career Foundry. Total recognizes Marcos as part of its "Top 3%" of global freelancer talent&mdash;a title given to elite freelancers in their given field.
We don't have access to Marcos' rates, but the best UX designers on Upwork earn upwards of $100 per hour. As a Toptal Top 3% freelancer, Marcos likely charges $200-$300 per hour.
<a href="https://www.marcosrezende.com/">Marcos Rezende's website</a> was nominated for the prestigious <a href="https://www.awwwards.com/sites/ux-portfolio-marcos-rezende">awwwards.</a> in 2021.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>2. Kathy Edens - Marketing Consultant / Freelance Copywriter - United States</h3>
<a href="https://www.upwork.com/freelancers/~016177d19f0624c1a7?viewMode=1">Kathy Edens is a Top Rated Upwork Freelancer</a> with over $300k platform earnings! Kathy has been self-employed as a marketing consultant and freelance copywriter for almost ten years from her home in Ohio, United States.
She holds a Bachelor of Science in Professional Writing and Psychology from Oregon State University, which she says "...helps me understand how to reach your target audience with words."&nbsp;
Kathy has ghost-written several non-fiction books on various topics, including social entrepreneurship, healthcare, real estate investing, and the cannabis industry, to name a few.
Kathy also writes web content, sales pages, email marketing content, case studies, white papers, brochures, press releases, and more. Kathy's rates start at $86 per hour for her writing and marketing services.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
<h3>3. Koen van Oeveren - UX designer - Netherlands</h3>
Koen van Oeveren is a freelance UI &amp; UX designer from North Brabant, Netherlands, with almost ten years of experience. Koen works with several design agencies in the Netherlands, designing apps, websites, and eCommerce experiences for many international brands.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
Koen holds a Bachelor of Applied Science in Communication and Multimedia Design from Avans University in the Netherlands. Koen's <a href="https://www.koenvo.com/index.html">portfolio website Koenvo</a> was nominated for a <a href="https://www.awwwards.com/sites/koenvo-ui-ux-portfolio">2021 awwwards. Award</a>.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
<h3>4. Pascal Strasche - Product / UX designer - Germany</h3>
Pascal Strasche is a product and UX designer with more than ten years of design experience from Germany. He holds a Master of Arts in Interaction Design and a Bachelor of Arts in Graphic Design, both from HAWK University of Applied Sciences and Arts.
For almost a year over 2020/2021, Pascal worked as the sole product designer to design Con Cubo's SaaS tool that helps complex organizations visualize and manage teams. He's also worked with German steel giant XOM Materials to find product solutions to digitalize&nbsp;Germany's steel industry.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
In 2019, Pascal founded Product Design Resources, a growing archive of 800+ design resources, weekly updated for the design community.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>5. Paul Hunkin - Developer - New Zealand</h3>
Paul Hunkin is a freelance software consultant and developer from Tauranga, New Zealand, but currently living in Portugal.&nbsp;
Paul has over ten years of experience as a software developer with an impressive work history, including Google, NASA, InfoSys, and the Chinese aerospace industry leader COMAC.
He's worked with several early-stage startups designing everything from high-performance big-data systems to complex web applications to 3D rendering engines. He's also built a lot of the foundational code for independent games on Android.&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
Paul is a Top Rated Upwork Freelancer with over $400k in platform earnings. His rates start at $120 per hour for software development. <a href="https://paulh.consulting/">Check out Paul's website</a> for more about his impressive portfolio and work history.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>6. Jana Galat - Writer / Brand Strategist - Canada</h3>
Jana Galat is a freelance copywriter and brand strategist from Ontario, Canada. She holds a Bachelor's Degree in Management and Organizational Studies from King's University College and an Honors in Business Administration from Western University.
Jana has extensive experience writing landing pages, email campaigns, social media ads, and print materials and says, "I am obsessed with creating copy that sells..."
After several years of professional work experience, Jana went freelance in 2019 and has quickly built a reputation as a <a href="https://www.upwork.com/freelancers/~01bfa17a48301876dd">Top Rated Upwork Freelancer</a> with over $70k in platform earnings. Jana's rates start at $100 per hour for copywriting and brand consulting.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>7. Padcha Uaarisakkul - Brand / Creative Consultant - United States</h3>
Padcha Uaarisakkul is a freelance brand and creative consultant from Los Angeles, United States. Padcha worked at The Walt Disney Company for six years, where she managed Licensing &amp; Brand Partnerships for Pixar.
She holds a Master's degree, Marketing Communications from the University of Southern California and a Bachelor of Arts (BA), Advertising from California State University.
Padcha's skillset includes brand strategy, creative concepting, marketing communications, pitch development, and design&mdash;specializing in consumer packaged goods, entertainment, nonprofit, startup, and tech.
Padcha is a Top Rated Upwork Freelancer, and her rates start at $120 per hour. You can find out more about Padcha on her <a href="https://www.padcha.me/">website</a> and <a href="https://www.linkedin.com/in/padcha/">LinkedIn page</a>.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>8. Xhensila Zemblaku - Art Director - Canada</h3>
Xhensila Zemblaku is a freelance art director, UX/UI designer, and illustrator from Markham, Canada. She holds a Bachelor of Fine Arts from Ryerson University with almost ten years of experience.
Xhensila has been a freelancer for most of her professional career and earned over <a href="https://www.upwork.com/freelancers/~01a08d1fcc6ea8fbcb">$400k on Upwork</a>, completed over 150 jobs, and 4,663 hours!&nbsp;
Xhensila's work includes typography, print design, UX/UI design, web, and mobile design. She's a Top Rated Upwork Freelancer currently charging $200 per hour for various creative gigs.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>9. Tanya Litvinova - UX/UI Designer - United States</h3>
Tanya Litvinova is a freelance UX/UI designer from New York City, United States. She holds a Bachelor of Fine Arts in Advertising Design / Communication Design from the Fashion Institute of Technology.
Tanya specializes in product, mobile, and web design as well as user experience flow, research, and validation.
"I have a passion to make the complex simple, shape behavior, design, plan, and strategize. Aiming for the best user experience, all the while balancing the needs of business and technology to create engaging, habit-forming digital products."
Tanya has worked with Fortune 100 &amp; Fortune 500 companies and successfully delivered business-transforming data-driven analytics, responsive BI dashboards, enterprise web apps, and management systems. Some of Tanya's notable clients include KOCH Industries, BlackRock Financial, BCG Group, and FireEye, to name a few.
<a href="https://www.upwork.com/freelancers/~0165035041b26e96df">Tanya is a Top Rated Upwork Freelancer</a> with more than $200k platform earnings. Her current rate starts at $162.50 per hour.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
<h3>10. Guangming Lang - Data Scientist - United States</h3>
Guangming Lang is a freelance data scientist from Michigan, United States. He holds a Bachelor of Arts in Mathematics from New College of Florida and a Master of Science in Biostatistics from the University of Michigan. Guangming has also completed several Coursera courses in data science and machine learning.
Guangming has been a freelancer since 2013 and has worked across several industries, including fintech, trading, medicine, biotech, advertising, and HR.&nbsp;
Guangming is a Top Rated Upwork Freelancer with over $400k in platform earnings. He's completed 216 jobs on Upwork totaling 3,805 hours! Guangming's current rates start at $200 per hour.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
<h2>Secure Freelancer Workflows With TeamPassword</h2>
No matter how talented or reputable the freelancers and contractors you hire, your company must use secure workflows to protect your digital assets.
Freelancers often need access to shared accounts and tools. Using a <a href="https://app.teampassword.com/dashboard#signup/testimonial">password manager</a> is the first step to securing these accounts and platforms. You can also use a password manager to share credentials with employees, clients, and other stakeholders to ensure you never expose raw passwords via email, spreadsheets, chat apps, and other non-secure methods.
<a href="https://app.teampassword.com/dashboard#signup/testimonial">TeamPassword</a> lets you create groups to share access with only those who need it. When they're done, revoke access with a single click. No need to change passwords every time someone leaves the team.
If you do need to change a password, TeamPassword's built-in <a href="https://teampassword.com/password-generator">password generator</a> lets you create secure passwords between 12-32 characters using numbers, letters (uppercase/lowercase), and symbols.
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;&nbsp;
Ready to onboard clients and freelancers securely with TeamPassword's robust <a href="https://app.teampassword.com/dashboard#signup/testimonial">password management solution</a>? <a href="https://app.teampassword.com/dashboard#signup/testimonial">Sign up for a free trial</a> to secure your company's digital assets today!

Here are ten successful freelancers and what they do. These freelancers have earned their place as experts in their given field.

Here are ten successful freelancers and what they do. These freelancers have earned their place as experts in ...

10 extremely successful freelancers and what they do

Here are ten successful freelancers and what they do. These freelancers have earned their place as experts in their given field with excellent track records—many have worked with the biggest companies in the world!

TeamPassword Blog

Browse our carefully created articles about Information Security, Password Management, Product Information, and Modern Business, all written with your team's safety and success in mind.

Most popular articles

Cybersecurity

September 21, 2021 ∙ 10 min read

What is password encryption and how much is enough?

What to do if you forgot your Facebook password?

Best types of usernames: username ideas to make your logins more secure

10 extremely successful freelancers and what they do

Cybersecurity

September 7, 2021 ∙ 6 min read

Who is Gothic Panda and how can you protect yourself?

Cybersecurity

August 31, 2021 ∙ 7 min read

Who is Energetic Bear and how can you protect yourself?

Cybersecurity

August 31, 2021 ∙ 7 min read

Who is Emissary Panda and How Can You Protect Yourself?

Cybersecurity

August 31, 2021 ∙ 7 min read

Who is Deep Panda and how can you protect yourself?

Cybersecurity

August 24, 2021 ∙ 11 min read

Who is Fancy Bear and how can you protect yourself?

Business

August 24, 2021 ∙ 9 min read

Keeping Data Secure When Working With Freelancers

The Password Manager for Teams

Product

Support

Channels

Legal