Improve Password Security To Defend Against Bad Actors
Now more than ever before, we’re using personal and company devices and apps to work from home, triggering new privacy concerns. In this new scenario, passwords are essential to define the cybersecurity of your company and to defend from cyber-attacks. If you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take the shortcuts we present in this article.
Incredibly, there are still people out there using “password” or “123456” in their access credentials. And some other people don’t even change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.
Tip #1: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.
Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.
Tip #2: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.
If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.
Tip #3: Use a complex password including numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it’s unique to you.
The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.
Tip #4: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.
Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.
Tip #5: Be cautious about your online activity on computers or networks you don’t trust.
Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.
Tip #6: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.
In a study that spanned just three months (January to March 2020), Microsoft found that 44 million of its users had used the same password on more than one account – and that’s just the tip of the iceberg.
Get to know some cold hard facts, published by our partner ID Agent:
• 42% of organizations rely on sticky notes for password management.
• 22% of employees surveyed have shared their email password for a streaming site.
• 17% of employees in the survey have shared their email password for a social media platform and for online shopping accounts.
• 72% of people reuse work passwords for their personal accounts.
Your passwords are a valuable asset. We can help you to improve your password security, setting up a password manager and amping up your internet security.
Obtain support to get ahead of cybercriminals. Our experts can help, contact them today! 305 400 0992.