When you think about it, your usernames and passwords are the ‘digital keys’ for unlocking all of your company’s data as well as your own personal information in the digital world where our entire lives are now spent: social media, banking, email, shopping, etc…
Keys to the kingdom
While most of us keep our offices and homes locked/secured and would never hand over the actual building keys to just anyone off the street, you need to care about keeping your ‘digital keys’ safe and out of the hands of cybercriminals. There are numerous techniques that hackers use to crack your passwords like:
- Guessing your password. They do this by looking at your security questions, your social media presence, or any other found information that you may have posted online as clues. That is why it is vital to not include any personal information in your passwords.
- Using a password cracker to continuously attempt various combinations, cycling through common words people use in passwords until it breaks the password and gains access to the account.
- Phishing, where cybercriminals trick, intimidate or pressure you through social engineering into giving up information. A phishing email may alert you (falsely) that there’s something wrong with your account and direct you to click a link, taking you to a phony website built to resemble the account’s site where you will enter your password. Once you do, they have it.
Selecting a secure password is the first (and most important) step to make sure your digital access stays protected. Many people still have the bad habit of using weak passwords, or worse, the same passwords across multiple accounts. Doing this may be easier for a user to remember, but if there is a security breach on one account, every account that uses that same ‘digital key’ could be compromised as well. Other significant security risks to be aware of are sharing passwords between employees and storing passwords insecurely.
Strong Password Tips + Examples
- Complex passwords are tough to crack so use a minimum of ten characters. To create complex but memorable passwords, use different types of characters, a mixture of lower and uppercase letters, symbols, and numbers.
- Do not use directly identifiable information. The ones trying to hack into your accounts may already know personal details such as your phone number, birthday, address, etc. They will use that information as an aid to more easily guess your password.
- Use a unique password for every account and every person. Your unique list of passwords should be kept safe. If you want to reuse the same password phrase across numerous accounts, or share it between people, customize it so that each version is a bit different per account/person. Here is an example we found utilizing the same phrase “Humpty Dumpty sat on a wall” for Amazon, Netflix, and Google accounts:
  - MZn+humTdumt$@t0nAwa11
  - humTdumt$@t0nAwa11@gOoGL
  - humTdumt$@t0nAwa114netFLX
- Avoid common dictionary words. This is the toughest one to avoid. The temptation is always there to use ordinary, everyday dictionary words. A strong hacker will have a dictionary-based system to crack passwords, so, if you must use a single word, misspell it or insert numbers for letters. Use a word or phrase and mix it with nicknames, acronyms, abbreviations, upper and lower-case letters.
- You may also find that remembering a sentence (something easy for you, but complex for others to know) works well, such as: “My favorite toy as a child was my pink 10-speed bike that I got for $25 at Bennys” = ‘Mftaacwmp10sbtigf$25aB’. Take the first letter of each word, and you create a powerful password with 21 characters.
The bottom line: the longer and more complex your passwords are, the less likely it is that a hacker will be able to figure them out.
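The tips above can be turned into an automated check. The following Python sketch is an added example, not part of the original article: the function names, the tiny word list and the personal details are constructed for illustration. It undoes common number-for-letter swaps before looking for dictionary words, because a cracking dictionary applies the same substitutions.

```python
import re

# Constructed sample word list; a real check would load a large breached-password list.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "sunshine"}
# Common symbol/number-for-letter swaps: 0->o, 1->i, 3->e, 4->a, 5->s, 7->t, @->a, $->s, !->i
LEET = str.maketrans("013457@$!", "oieastasi")

def normalize(text):
    """Lower-case, undo common swaps, and drop separators such as '-' or '/'."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))

def check_password(password, personal_info=(), other_passwords=()):
    """Return the list of the article's rules that the password breaks (empty = passes)."""
    problems = []
    if len(password) < 10:  # "use a minimum of ten characters"
        problems.append("shorter than ten characters")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("missing a character type")
    plain = normalize(password)
    for item in personal_info:
        needle = normalize(item)
        # Skip very short details that would match almost anything.
        if len(needle) >= 3 and needle in plain:
            problems.append("contains personal information")
            break
    if any(word in plain for word in COMMON_WORDS):
        problems.append("contains a common dictionary word")
    if password in other_passwords:
        problems.append("reused on another account")
    return problems

if __name__ == "__main__":
    # Constructed personal details for a fictional user.
    info = ("Jordan", "04/12/1985")
    for candidate in ("P@ssw0rd1", "Jordan04121985!", "Mftaacwmp10sbtigf$25aB"):
        print(candidate, "->", check_password(candidate, info) or "passes")
```
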
Staying Secure and Protected
In addition to having a secure password, the best way to be sure your accounts stay safe, even if you were to fall victim to a phishing attempt, is to also use Two-Factor Authentication (also known as 2FA). 2FA is a two-step verification process used in addition to a password. It requires something that only that user has access to, such as a document or piece of information only they should know, or something they immediately have on hand, such as a token of some type. Using this technique makes it extremely difficult for cybercriminals to gain access and steal the identity or personal information of that person. You can learn more about it here.
Following the rules we have listed for selecting strong, unique passwords and using 2FA to establish and maintain safe accounts, secure email, and personal information is imperative to keeping your ‘digital keys’ out of the hands of cybercriminals. Don’t forget to change your password often, and anytime you even suspect any type of cyber hacking activity. Cybercriminals are continually finding new methods to steal your information, so you need to stay ahead of them, and Braver is here to help you stay educated and vigilant while navigating this cyber jungle.
Braver Technology Solutions | WeMakeITWork@BraverTechnology.com
Boston 617.315.8515 | Taunton 508.824.2260 | Providence 401.484.7900