Mon. Nov 18th, 2019

Passwords Are Annoying, But Hackers Are Worse

Protection concept: computer keyboard with word Password Security on enter button background, 3d render

Security experts can agree that having good cyber hygiene isn’t simply about relying on the latest products and software for protection, and it’s also about employing basic steps in your day-to-day activities. And, one of those steps is having a strong password.

 

For most people, passwords are annoying. And for this reason, people do everything in their power to simplify the process. So instead of creating strong, unique passwords for ALL of their accounts, they create one (maybe two) basic passwords and use them for everything.

 

In fact, telemetry data from Google, for more than 650,000 users of its Password Checkup Chrome Extension, found that 1.5 percent of all logins used across the web are vulnerable to credential stuffing attacks.

 

Why? Because people “reused breached, unsafe credentials for some of their most sensitive financial, government, and email accounts. This risk was even more prevalent on shopping sites (where users may save credit card details), news, and entertainment sites.”

 

Additionally, “outside the most popular web sites, users are 2.5X more likely to reuse vulnerable passwords, putting their account at risk of hijacking.”

 

Source: Google

 

What can you do to improve password security?

Passwords are annoying; we get it. So below, we’ve included simple, actionable tips to increase your password security:

 

Avoid common passwords

It seems obvious, but as we said, people go to great lengths to simplify the password process, and that includes using passwords like 123456. Other common passwords include:

  • qwerty
  • welcome
  • football
  • abc123
  • admin

 

Other obvious passwords include names of children, significant others, pets, street names, musical bands — all of which can be easily accessed with a small amount of research. Avoid using these common passwords to strengthen the security of your accounts.

 

Use two-factor authentication

One of the best ways to protect your online account is two-factor authentication. Simply put, two-factor authentication adds a second step in your usual log-in process. Once you enter your username and password, you’ll be prompted to enter a code sent as a text message or an email, or sometimes as a push notification on your phone.

 

In all, it usually only adds a few extra seconds to your day.

 

And those few seconds go a long way in protecting your data. According to Google, two-factor authentication can prevent most account hacks. Check out this article if you want to see the four main types of two-factor authentication ranked in order of effectiveness.

 

Use a password manager

Using a password manager is the easiest way to keep your personal and private information safe. A password vault stores your passwords securely, allowing you to save the information in the cloud or on your personal computer. This allows you to use truly random combinations in all of your passwords, making them much harder for malicious actors to crack.

 

Enhancing your passwords and login credentials by following these tips is essential to keeping your personal information secure and keeping hackers at bay. For more information on how you can improve your overall security stance, contact us at sales@layer7data.com to speak to one of our security professionals.