Internet users have, on average, around 100 account logins for which they must find unique and complex passwords and remember to change them regularly. Thankfully, using adequately secure passwords is not that complicated. This article will discuss what makes both bad and good passwords and how to choose the most secure passwords possible.
Passwords: What Not to Do
Never use simple or very short passwords. Hackers use what is known as a dictionary attack: they run through common words and phrases to guess a password. According to CNBC, some of the most used passwords include 123456, 123456789, Iloveyou, and yes, password!
All these simple passwords are among those tested first during this type of attack. These basic and easily breached passwords don’t provide much security against hackers or anyone else. The tools used for this kind of password guessing are freely available to anyone on the internet.
Avoid entering your most important passwords on public computers if you can. It is impossible to ensure a public computer’s security. Publicly accessible devices are prime targets for hackers, so you can expect to find malware, keyloggers, and other malicious software that aims to steal your passwords or financial data.
Don’t reuse your passwords on multiple accounts. Even if you have made sure to use a complex and secure password, you should not use it on more than one account, as no password is foolproof. The worst thing is to use the same password on several accounts, including your email. An article by SEON that discusses Account Takeover Fraud Detection & Prevention examines the need to understand this type of fraud. Account takeover, also known as account hacking, happens when someone obtains your personal information, including logins, and impersonates you with the intention of accessing financial information.
Once someone has accessed one of your passwords, they can easily test it against all the other accounts for which your email address is registered, including banking logins. Using fraud detection software protects against and prevents this type of malicious login. Well-known names such as Jeff Bezos, Elon Musk, and Kim Kardashian have fallen victim to this kind of account takeover.
With the above in mind, be sure to also avoid these common mistakes as these can definitely make or break your business.
Passwords: What You Should Do
Your password choice should take into account the latest technologies used by hackers to access your credentials. A secure password is difficult to guess, even by those closest to you. However, the difficulty is that you ideally want it to be easy to remember, especially if you don’t use a password manager. A good password should contain at least one upper and lower case letter, at least one number, and a special character; it should also be long enough. The best thing to do is choose a password that is a phrase.
For example, you could put together around five or eight words that mean something to you that you will easily remember but will not have any significance to anyone else. Add one or more capital letters, special characters, and numbers in places you are likely to remember, at both the beginning and the end, for example. The important thing to remember is you need to invent this phrase, not copy it from somewhere else, especially on the internet.
It is best not to use a known quote, verse, or song lyric, as it will likely make the password less secure.
Hackers know that we all like to use free WiFi when available to save our data, and they take advantage of it. For example, a fraudster will go to a public place with a laptop and set up a unique WiFi key that will appear to users as a public WiFi hotspot. Unknown to the victims who connect, the hacker can then collect all the personal data that they enter while connected.
If you have no choice but to occasionally use a public computer to check your accounts, change the passwords on those accounts regularly. Use a VPN when connecting to your accounts from a public WiFi hotspot. When you connect to the internet via a VPN like NordVPN, your connection is encrypted, which keeps a malicious person on the same hotspot from reading the data you send.
If you want to be extra sure that your passwords are safe, check for the presence of your credentials in data leaks. Several platforms offer to check whether your passwords appear in the latest data leaks on the dark web. For example, internet browsers such as Google Chrome and Safari have built-in features that automatically check for your passwords in data leaks.
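One way a leak check can work without the password ever leaving your device is a k-anonymity range query: only the first five characters of the password's SHA-1 hash are sent, and the comparison happens locally. The sketch below is an added example, not code from any browser or service named here; the breach corpus is constructed from the common passwords quoted earlier, and all function names are illustrative.

```python
import hashlib
from collections import defaultdict

# Constructed sample "breach corpus": the common passwords quoted in this
# article. A real service would hold hundreds of millions of entries.
LEAKED = ["123456", "123456789", "Iloveyou", "password"]
PREFIX_LEN = 5  # hex characters of the SHA-1 digest the client reveals


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the password (used as a lookup key, not for storage)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_index(passwords):
    """Service side: bucket hash suffixes by their 5-character prefix."""
    index = defaultdict(set)
    for pw in passwords:
        digest = sha1_hex(pw)
        index[digest[:PREFIX_LEN]].add(digest[PREFIX_LEN:])
    return index


def range_query(index, prefix: str):
    """Service side: return every suffix in the bucket for this prefix.
    The service never sees the full hash, let alone the password."""
    return index.get(prefix, set())


def is_leaked(password: str, index) -> bool:
    """Client side: send only the prefix, then compare suffixes locally."""
    digest = sha1_hex(password)
    suffixes = range_query(index, digest[:PREFIX_LEN])
    return digest[PREFIX_LEN:] in suffixes


INDEX = build_index(LEAKED)

if __name__ == "__main__":
    # Constructed candidates: two leaked, one case variant, one invented phrase.
    for candidate in ["password", "Iloveyou", "iloveyou",
                      "velvet-Okapi-strums-42-lanterns!"]:
        print(f"{candidate!r}: leaked={is_leaked(candidate, INDEX)}")
```

The match is exact, so a case variant of a leaked password is reported as not found even though a guessing tool would try it early.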
Don’t underestimate the importance of changing your passwords regularly. Changing your password periodically is even more critical with your most sensitive accounts, such as your mailbox and banks. Don’t wait for a data breach to strengthen your security. Even before your credentials appear in a leak, they may already be in the wrong hands.
Use Security Systems
Enabling dual authentication gives you a safety net on your most sensitive accounts. Dual authentication, also known as two-factor authentication, means you will need three things to log into an account: your login, password, and a one-time code. This code can be generated by a physical key, by a program on your smartphone such as an authenticator, or by a password manager, whatever the platform, or it can be received each time via SMS.
Many platforms already use this authentication method for account logins. An article by BAUCE discusses what rules to follow to ensure your online security. Due to the prevalence of phishing attacks, paying particular attention to the security of your email accounts is vital. Any account you have created can send a recovery email to your address. This means that if a hacker has access to your mailbox, he can easily change all your accounts’ passwords.
Fraud detection software will flag suspicious connections and analyze IP information to reveal potential attacks. Businesses often use this type of intelligent software that uses machine learning for the highest level of protection.
Password managers (e.g. Bitwarden) go a step further by helping you change your passwords with little effort, saving you time. Choosing complex, unique passwords for each account, checking them for data leaks, changing them regularly, and memorizing them are tasks that can quickly be neglected when done manually. Automating passwords makes sense. Password managers automatically generate strong passwords whenever needed, remember them for you, and pre-fill them so that you never have to remember them yourself.
Managers make it faster and easier to change your passwords. They support dual authentication since they include a one-time code generator in any program. Most available solutions automatically check your credentials for the latest security holes.
The importance of good password management is clear! Thanks to the latest technologies and using some common sense, you can ensure that your accounts are safe and protected.