Password security has never been more important. We use a password for pretty much everything we do online, whether it’s logging into our email accounts, bank accounts, social media sites, shopping accounts, online forums, the list is endless!
With so many password protected sites, it can be tricky to remember separate passwords for each account so we tend to use the same password for a variety of sites to make life that bit easier. More often than not, these passwords will have very poor security and contain the names of family members, nicknames, dates of birth and other easily identifiable information.
This approach to password safety is very risky and leaves many people vulnerable to being hacked. Hackers have a range of tools at their disposal, but the easiest and most frequently used method to gain access to an account is to guess passwords.
Unfortunately, we make it all too easy for hackers by using simple and easy to guess passwords. “123456” is still the most commonly used password throughout the world and provides no protection whatsoever should a hacker target a device.
Sophisticated hackers will even use specialist software that enables them to test thousands of possible username and password combinations per second demonstrating the sheer brute force used to attack. 60% of people use the same username and password for all their accounts so if hackers are able to gain access to one account, they have free reign to break into them all.
As soon as hackers gain access to this personal information, they can use it to commit identity fraud, sell on to criminal third parties or simply clear out bank accounts and never be seen again.
Creating a strong password is crucial in protecting our online identity and ensuring that we don’t become easy targets for hackers.
Top Tips to Improve Password Security
1. Create Unique Passwords
The secret to creating a unique password is to make it memorable but difficult to crack. A strong password should be between 12-20 characters long, contain a mix of upper and lowercase letters, and include numbers or symbols.
To make it even more secure, you can create a pass phrase that is unique to you. The phrase should be around 15 characters long. The first letter of each word will form the basis of your password and letters can be substituted with numbers and symbols to add further protection.
2. Use Different Passwords for Different Accounts
With so many different online accounts, it can be tempting to use the same password for multiple accounts to gain quick and easy access. However, this is extremely risky and if attackers can work out just one of your passwords, whether it’s a Facebook account or your online banking details, they can potentially access every single account you have. It’s always best to use different passwords for different accounts to ensure your data remains safe and secure.
3. Consider the use of a Password Manager
It can be a daunting task trying to remember lots of different passwords, but a password manager will provide a centralised and encrypted location that will keep a record of all these passwords safe.
Password managers store login details for all the websites that you use and logs you in automatically each time you return to a site. The first step when using a password manager is to create a master password. The master password will control access to your entire password database. This password is the only one you will have to remember so it’s important to make this as strong and secure as possible.
Password managers can also protect against phishing attacks as they fill in account information based on registered web addresses. If you think you’re on your bank’s website but the password manager doesn’t automatically log you in, there’s a good chance that you’ve strayed on to a phishing site.
4. Update passwords
To ensure that your online accounts remain safe and secure, it’s best to update your password on a regular basis. If you continue to use the same password year after year on multiple accounts, it greatly increases the chance of your accounts being hacked.
Entire passwords can be changed, or elements of each password can be changed to make it easier for you to remember but harder to crack. Rather than change your full password, you can change characters, numbers, add symbols, or reverse the use of uppercase or lowercase letters.
If one of your accounts has been compromised, you should immediately change the password on the affected service and any others that use the same or similar password.
5. Two-Factor Authentication
Two-factor authentication offers an extra layer of defence in protecting the security of your accounts. There are a range of different two-factor authentication sites available that can be used for this process.
Once you have registered, you can log in into your accounts as normal and enter your password. As soon as you do this, the two-factor authentication site will send a one-off code to your phone that you must enter before gaining access to your account. This reduces the chance of a hacker being able to gain easy access to your accounts.
MetaCompliance specialises in creating the best Cyber Security awareness training available on the market. Our products directly address the specific challenges that arise from cyber threats and corporate governance by making it easier for users to engage in Cyber Security and compliance. Get in touch for further information on how we can help transform Cyber Security training within your organisation.