May 4 is coming up and has been designated as World Password Day to remind enterprise workers and consumers everywhere to use strong, updated passwords to protect cybersecurity.
World Password Day is a celebration to promote better password habits. Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work and life communications.
Security firm BullGuard cited recent studies showing that 90% of all passwords are vulnerable to attack in seconds. Also, 10,000 common passwords like “qwerty” or “12345678” allow access to 98% of all accounts, BullGuard said. Amazingly, 21% of online users rely on passwords that are 10 years old, the company said.
So, why not jump on-board – here are some great tips to get you started!
How do I create strong passwords?
The key to a strong password is length. Your passwords should be 12 characters long at the very least, and difficult for someone to guess. Avoid using personal information, especially if someone can find the answer on social media, or by searching your name online.
In addition to length, secure passwords also use a mix of uppercase, lowercase, numbers and symbols.
This may seem daunting but there is a simple solution. Try using a passphrase instead of a password. A pass phrase is a short saying that you modify to become a strong password. For example, “Thund3r Sh0wers at Suns3t” would be a very strong password that’s also easy to remember.
Why use different passwords for each account?
Imagine if one key opened your front door, your car, your bank, and your safe. If someone got hold of your one key — poof — they have access to everything. That’s more or less your situation when you recycle passwords. If it’s someone has access to your one, key password, they have access to everything.
Cyber criminals know people reuse passwords, and after a major password leak, they’ll try using those passwords and email addresses to get into all kinds of sites. Often, it works.
Don’t get caught in this trap. The solution is simple: have different passwords for every online account. That way if one account is compromised you can rest easy knowing your other accounts are still safe.
If you think it would be difficult to remember all those passwords, move on to the next section for an easy solution.
Why get a password manager?
A good password manager safely stores all your passwords, remembers them and can generate strong passwords for you. This makes it incredibly easy to use different, hard-to-remember passwords for every account, so you only have to remember the one master password to get in. All the security – less hassle!
But what if someone gets your master password? Luckily, quality password managers have prepared for this by ensuring they only work on your registered devices. That way, if someone tries to log in from an unregistered device, the password manager will block access until the user completes a second, or third login step, like entering a secret code that is emailed or texted to you. If you get an email saying someone is trying to login from an unknown device, you’ll know you should change your master password as soon as possible.
In addition to emailed and texted codes, some password managers also let you add fingerprint, and face recognition options and devices you trust — this is called multi-factor authentication, and it offers convenient, powerful protection for your password vault.
What is multi-factor authentication and how do I use it?
How does multi-factor work?
If you’ve ever used a fingerprint reader on your phone, you’ve used multi-factor! For example, when you download an app from an app store, it first checks you’re on a trusted device (Factor 1) and then verifies you’re you with your fingerprint (Factor 2).
If you’re on a computer, usually it’s like this: when you enter your username and password, you’ll be asked for a verification code that will be texted to your phone. Pop in that single-use code, and you’re in. Ta-da! Multi-factor authentication!
Why should I use multi-factor?
Last year, 450 million passwords were leaked from major Internet companies. Adding an extra layer to your passwords significantly decreases the risk of someone accessing your account. Think of it like a second lock on your door, or a moat surrounding a castle.
One thing to realize is that two-factor authentication (2FA) is one of the best methods to protect the account you log into. If you are accessing your work systems remotely you should have a 2FA solution in place.
If you don’t, one of our experienced professionals would be a happy to discuss implementing this for you and your organization..
Give us a call at (732) 780-8615 or send us an email at firstname.lastname@example.org to schedule a consultation.