Each year on the first Thursday in May, World Password Day promotes better password habits. And last Thursday, 7 May 2020, was no exception.
If you did not realise, passwords are the critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work, and life communications. Imagine them as being the front door to your house, or even the security guard to your estate. In fact, what is shocking is that as of right now, HaveIBeenPwned (a database of real-world passwords previously exposed in data breaches) reports 555,278,657 stolen passwords in their database! That’s like 100 times the population of Singapore!
What’s even worse is that large portions of these passwords and the countless unaccounted for in unknown data-breaches are constantly being bought, sold, and used in the dark web to exploit individuals and organisations at large.
Hence, in a cyber world, secure passwords are important. Other than keeping your information offline, long, unique and complex passwords protect your valuable information best. Another tactic is changing your passwords every few months or any time you think your accounts have been compromised.
So let’s dive right into three tips to protect your passwords!
Tip 1: Start Passphrasing!
Have you ever struggled to come up with a strong enough password for a new login? The easiest way to get around this, while still creating a password that’s easy enough to remember, is passphrashing!
Now, you might be scratching your head at this point and questioning, “what on earth is ‘passphrasing’?! I’ve heard of ‘paraphrasing’, but never ‘passphrasing’!” Well, truth be told, I too have never heard of this word till today! But let me break it down for you.
‘Passphrasing’ is essentially using an acronym; you take the first letter of each word in a sentence or phrase, and use it to make a password!
For example, “I’m going café hopping after lockdown” could be used to make a passphrase such as “iGcHAl831”, with the addition of some random numbers after to make it just a tad more secure.
This way, you have an easily memorable password that’s much harder for a hacker to guess or crack. Remember to use a mix of upper & lower casing, as well as some numbers & special characters for extra strength.
Tip 2: Regularly Change your password!
Passwords should be treated like your toothbrush. Never share it around, and change it regularly.
The reason for this is that even if you have a strong password that is entirely unguessable, it can still be lost or stolen in other ways. Take, for example, the recent Zoom security issues; one of which saw a large pool of passwords stolen during a data breach and sold on the dark web.
In this scenario, weak and strong passwords alike were outright stolen and leaked entirely outside of the end-users control. And considering that on the dark web, password trading and password dumps are still being performed regularly, sometimes in chunks upwards of 2billion at once, it’s more likely than not that your passwords are already out there.
Even if you have a strong passphrase, change it often to ensure that your password is private & secure.
Tip 3: Use a password manager!
Now I don’t know if you realise this before but we have a limited amount of memory. For instance, I reckon, if I asked you now what did you have for lunch and dinner last Thursday, you probably would not remember!
Therefore, rather than scrambling to remember each and every unique password, or worse, compromising the strength & complexity of your passwords to ensure that they are memorable, use a password manager!
Now, when I say use a password manager, I do not mean use your browser’s auto-fill function as this feature could compromise your security too. However, the way that password managers work is similar to how a browser’s auto-fill works. When logging in to an account, you type in your username & password just once, then your password manager securely stores and remembers them. Next time you log in, the password manager will take care of the grunt-work and log in for you.
The only password you still need to remember is your master key for the password manager itself.
You’re probably thinking that this doesn’t sound safe, but in exchange for this easy login tool, good Password Managers bulk up their security on the master login. Often times, you’re required to know your master-key, have a two-factor authentication code, and authorise the device that you’re logging in from.
In exchange for that hassle, you don’t need to write down or remember any of your other passwords, and they’re actually kept safer as a result!
Some password managers are LastPass, 1Pass, and the updated Google Password Manager with Two-Factor enabled.
Some other tips:
And while we are at it, here are just a few more tips to get you going:
Change an old password to a long, strong one
Turn on two-factor authentication for your important accounts
Password protect your wireless router
Don’t store passwords on your computer or phone
Log off when you’re done with a program
Periodically remove temporary internet files
And if you are interested in boosting the IT Security aspect of your company, check out our new and latest IT Security services here! Alternatively, you can click the green button to contact us below!
eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.