Passwords are part of daily modern life, used at home and at work on our computers, phones, tablets, websites, social media, banking apps, and so much more. Passwords are vital to safeguarding our information and security, so it is important to have passwords that are as secure as possible.
Surveys have shown that users will reuse the same passwords across multiple sites, applications and devices, with passwords rarely being changed regularly and many of them being very weak. With so many things requiring a password, it’s understandable that users will reuse passwords, and use passwords that are weak and insecure.
The weakest of these passwords normally include the following:
- Favourite sports teams and movies
- Family member names
- Family member birthdays
- Phone numbers
- Simple changes to common words, e.g. P@ssword
Much of this information is easily gathered by an attacker from platforms such as social media. An attacker is able to make on average 10 attempts at a password per minute, and with the aid of a computer this can be multiplied significantly.
Protecting yourself is as easy as creating unique, mixed-symbol passwords that aren’t easily figured out from basic details of your life.
It might seem like a great idea, not to mention convenient, to use your daughter’s (or son’s, or pet’s…) name and birthday as all of your passwords. The problem is that all this information can be guessed by people who know you and can easily be discovered by strangers online. Hackers know all the typical combinations of passwords people use and are well-versed in looking up the details to trial-and-error their way into your private information.
Keeping your passwords strong is vital to your digital safety, but it isn’t enough. You also need unique passwords for all of your devices, apps, and websites. That way, if a hacker somehow finds out one of your passwords, they don’t immediately gain access to everything else. It is also vital that passwords used in your work environment are not used outside of work for personal logins.
How to create a strong password
- Use a mix of lowercase and uppercase letters
- Place numbers and symbols in the middle of the password, not just at the end
- Be sure to take advantage of the special characters supported (e.g. $, &, @)
- Opting for a longer password is always better than a shorter one
- Don’t use your children’s or significant other’s names as a password
- Use different passwords for each of your websites, apps, devices, etc.
- Avoid using sequential numbers as a password
- Avoid using “password” as a password
- Don’t use dictionary words as passwords
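The checklist above can be applied automatically, for instance when a user chooses a new password. The following Python is an added example, not part of the original article; the small word list, the substitution table, the sample personal details and the 12-character minimum are assumptions chosen for illustration.

```python
import re

# Constructed sample data: a tiny stand-in for a real dictionary or breached-password list.
COMMON_WORDS = {"password", "welcome", "football", "dragon", "letmein"}
# Simple character swaps of the "P@ssword" kind, mapped back to the letters they replace.
SUBSTITUTIONS = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "!": "i",
                               "3": "e", "$": "s", "5": "s", "7": "t"})

def normalise(text):
    """Lowercase and undo simple substitutions so 'P@ssw0rd' reads as 'password'."""
    return text.lower().translate(SUBSTITUTIONS)

def has_sequence(password, run=4):
    """True if the password contains `run` consecutive ascending or descending digits."""
    digits = "01234567890"
    for i in range(len(password) - run + 1):
        chunk = password[i:i + run]
        if chunk.isdigit() and (chunk in digits or chunk in digits[::-1]):
            return True
    return False

def check_password(password, personal_details=(), min_length=12):
    """Return the checklist rules the password breaks (an empty list means it passes)."""
    problems = []
    if len(password) < min_length:  # assumed threshold; the article only says longer is better
        problems.append("too short")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("no mix of lowercase and uppercase")
    # Strip the trailing run of digits/symbols, then look for one after the first character.
    core = re.sub(r"[^A-Za-z]+$", "", password)
    if not re.search(r"[^A-Za-z]", core[1:]):
        problems.append("numbers and symbols only at the start or end")
    if has_sequence(password):
        problems.append("sequential numbers")
    plain = normalise(password)
    letters_only = re.sub(r"[^a-z]", "", plain)
    if any(word in letters_only for word in COMMON_WORDS):
        problems.append("dictionary word or simple change to one")
    if any(normalise(d) in plain for d in personal_details if len(d) >= 3):
        problems.append("contains personal details")
    return problems
```

A real deployment would replace `COMMON_WORDS` with a full dictionary and a list of passwords known from data breaches.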
Best practices for passwords
- To add an extra layer of security, use multi-factor authentication wherever possible. This confirms your identity by utilizing a combination of multiple different factors, such as something you know or something you have, for example a token generator on your smartphone.
- Never repeat the same password for different accounts.
- Change your password at least every three months. This will lock out cybercriminals who may be using your account, protect you from brute force attacks, and remedy the issue caused by cybercriminals who purchase lists of usernames and passwords obtained through data breaches.
- Ensure no one is watching as you enter passwords.
- Be cautious when downloading files from the internet as they may contain key loggers as well as password grabber malware variants that will compromise your password. A good practice is to regularly scan for the presence of such malware.
Where possible it is always advisable to use Two-Factor Authentication, providing an added layer of security and a roadblock for would-be attackers attempting to crack your password. Almost all banking and email providers now offer some form of secondary authentication. These would normally be either a notification on your phone or a code sent to your phone via SMS or email.
Password managers are useful tools for keeping your passwords securely stored. They come in many variations, with some storing the information in the cloud, others on your local PC. Some have different features such as filling in web forms and remembering app passwords. There are free and paid-for password managers.
So long as you are following the rules to stay safe, your passwords will remain secure. Ensuring that passwords are complex enough not to be guessed, are only used once, and are regularly changed will ensure your data and information remain secure. Passwords are only ever as strong as you make them; they are the key to your information, so ensure you have strong passwords.
Dark Web Monitoring – a must when it comes to cybersecurity. How many of your credentials have already been leaked and are available for purchase on the Dark Web? Reach out to us and we can perform a free, no-strings-attached scan for you to put your mind at rest.
Dashlane – https://www.dashlane.com/ – Rated as one of the best password managers.
Authored by our own, Gary Scaysbrook