four Issues To Know About Password Safety
This week, President Donald Trump sparked outrage in the security industry after saying on a viral video that “nobody gets hacked”. In the widespread video, Trump stated, “Nobody is being hacked. To get hacked, you need someone with 197 IQ and they need about 15% of your password. “
This week, President Donald Trump said an attacker would need “an IQ of 197” and “about 15% of you” … [+]
The comments met with outrage, confusion, and amusement, and some even said Trump was just making a smart joke. Whatever the intent of the comments, they highlighted the importance of safety.
People are hacked and entire passwords are often stolen when violated. However, if you can improve your password security, you can improve your protection against hackers.
That’s why I’ve listed four things you should know about password security so that you can stay more secure.
Passwords should be clear and long
The first thing you need to know is that you have a unique password for each of your services. If you don’t, it means that if one of your online services is hacked, everyone may be hacked. Attackers actually rely on people to do so. In a type of cyber attack known as credentials, hackers attempt to test your password across multiple services to see if they can access it.
But there is more to it than that. All passwords should not only be unique, but also long and complex, says Jake Moore, cybersecurity specialist at ESET.
However, Sean Wright, head of application security at Immersive Labs, says a more complicated password doesn’t necessarily make it stronger.
In fact, he says that a longer password is the most important aspect. “I would recommend using passphrases to make the password longer, but easier for you (and only you) to remember. The quirkier the phrase, the better. Replacing special characters can also help improve the password. “
The password “smiling cats running around” would become something like “sm1ling_cats & rUn around”.
“It makes it harder to remember, but it’s easier than a completely random 25-character password,” says Wright.
If you want to keep it simple I would recommend a line from a book, song, or movie. This makes it easier to get the password, but it keeps the length you need to be more secure.
Use a password manager
Ideally, you should use a password manager like 1Password or LastPass to save your passwords for you. Not only does Wright help you remember all of your passwords, but he points out another benefit: password managers often hook up to security services like HaveIBeenPwned to notify you when your credentials have been exposed to a known hack.
Password books: yes or no?
Password managers are pretty secure, but a lot of people ask me about password books – basically a physical notepad that you use to list your passwords for services. Personally, I agree. If you don’t feel confident enough about using a password manager, use a book. Just make sure you keep this safe and never take it with you.
Moore agrees, saying a password book is “better than using a password or two for each account”.
Wright agrees, although he cautions that password books can be a problem if someone manages to break into your home. In addition, “It is advisable to ensure that they are kept in a safe place. So if you have people in your house from time to time (e.g. a contractor who is doing some home improvement), they will not be able to access them. “
However, he points out that a password book is not a suitable option for someone traveling, especially if you keep it with your devices that could be lost or stolen.
Two-step verification is key
Two-step verification or multi-factor and two-factor authentication – meaning your password in addition to one or more other authentication methods – is the best way to keep your accounts more secure. Sometimes this step happens without you even realizing it – think of Apple’s FaceID or TouchID on your iPhone.
But there are also other forms – for example the Yubico YubiKey, a physical security key that you connect to your device. Another similar tool is an authentication app like Authy, which generates a code that you can use in addition to your password.
In the end…
Hopefully, this article provides some easy-to-follow password security steps. In addition to these tips, there are a few other things to consider.
Always pay attention to e-mails and texts that claim to come from a trusted service and ask you to enter your details. This can be a scam. For example, if you want to use your Netflix account to check that everything is okay, just sign in directly through your browser or app to prevent hackers from accessing your data.