It is a common understanding that passwords are supposed to protect our accounts. But how much does your designated password protect you and your information? If the bad guys come hacking into your personal and corporate accounts one day, how sure are you that it’s going to be a tough job for them? Let us help you assess how easy it is for a hacker to take a quick guess of your password.
Your password is your first line of defense from wrongdoers in the digital world. And yet, it is something that we often overlook and take for granted. When was the last time you spent a dedicated amount of time to think about what password to use for your new account? We often just use a single password across all of our accounts to save us the time and effort. Am I right? This is a definite no-no! Using a single password for all accounts is just making a hacker’s job much easier. So what is the best way to manage passwords and protect your accounts?
In order to plan for an effective account protection strategy, let’s start with a rundown on how hackers guess passwords:
Wild guess
Although you can’t really call it ‘wild.’ These hackers are trained to squeeze the juice out of your public information just to get a list of sophisticated guesses at your password. They use sophisticated programs and procedures to ultimately catch that one ticket into your personal data.
Shoulder Surfing
Sadly there are lurkers who discreetly stick their heads out from behind your shoulder as you type in your password, prying on what you type and browse. Don’t underestimate them - always be cautious of who can see your information in your surroundings.
Dictionary-based attacks
There are some hackers who are so hard working that they would endure matching your personal data with every word in the dictionary. Yes, they exist. They would browse through every possible word to partner with, for example, your birth month, in order to guess your passwords.
Phishing
Be careful of strange emails that you find in your inbox - this might be a phishing attack. They might be schemes sent by scammers who are trying to lure you into clicking and opening malicious files that intend to steal your personal information. As of October 2018, phishing activities have already cost victims $47,676 of loss this year (source: scamwatch.gov.au). So beware of being tricked into opening an email about winning a brand new car and clicking on links.
Brute-force Attack
As the label implies, it’s a pretty vicious attack on your accounts. All the hacking techniques mentioned above are used on your account to track your keystrokes and eventually get whatever important data can be stolen from you.
Knowing these hacking strategies and your current password choices, can you confidently say that your accounts are safe? Now that you have an idea of how cyber criminals do it, here are some ways you can minimise your risks:
Password Security Tips
Create a password with at least 8 characters.
Make use of a variety of lowercase and uppercase letters, numbers and special characters.
Never use your personal data in your password. Remember how hackers can 'guess' well?
It’s better if you don’t use real words.
Make random patterns that hackers will have a hard time following.
Hackers can track your keystrokes in order to decipher which letters or characters you are constantly using. Making your password random can help minimise the risk of getting your usual password input tracked and followed by cyber criminals.
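The tips above can be turned into an automated check. The following Python function is an added example, not part of the original article: it tests a candidate password against the length, character-variety, personal-data and real-word tips. The function name, the small word list and the substitution table are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real check would load a full dictionary file.
COMMON_WORDS = {"password", "welcome", "dragon", "summer", "monkey", "letmein"}

# Common look-alike substitutions (0 for o, @ for a, ...) are undone before
# matching, so "P@ssw0rd" is still recognised as the word "password".
LOOKALIKES = str.maketrans("013457@$!", "oieastasi")


def normalise(text):
    """Lowercase the text and undo look-alike substitutions."""
    return text.lower().translate(LOOKALIKES)


def check_password(password, personal_data=()):
    """Return the list of tips that `password` breaks (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")

    # Tip: use a variety of lowercase, uppercase, numbers and special characters.
    classes = {
        "lowercase letter": r"[a-z]",
        "uppercase letter": r"[A-Z]",
        "number": r"[0-9]",
        "special character": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append(f"no {name}")

    flat = normalise(password)
    # Tip: never use personal data (name, birth year, birth month, ...).
    for item in personal_data:
        token = normalise(item)
        if len(token) >= 3 and token in flat:
            problems.append(f"contains personal data: {item}")
    # Tip: avoid real words, even in disguised form.
    for word in sorted(COMMON_WORDS):
        if word in flat:
            problems.append(f"contains real word: {word}")
    return problems
```

A password such as `P@ssw0rd1` meets the length and character-variety tips but is still reported, because undoing the substitutions reveals a real word.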
You can also have a look at an infographic of an anatomy of a secure account to have a more comprehensive view of how you should be securing your accounts.
Don’t take your password for granted by taking the easy way out instead of thinking of a good one. And if you’re like me and tend to forget anything (and everything), including passwords, there are tons of useful tools and apps that you can use to store your precious security passcodes.
Here are some of the more well-known password management programs.
It is open source software (which means it’s free!) that features 2-Factor Authentication and end-to-end encryption, and enables syncing to multiple devices without limits. It also boasts a password generator and runs on multiple operating systems.
At Grassroots IT, we recommend Multi Factor Authentication (MFA) as the BEST way to protect your accounts. That way, even if the hackers guess your passwords, they still need a real-time authenticator to get into your accounts. Read more about that over here.
It can be easy to overlook such a thing as your account passwords, but we live so much of our lives online these days that it’s become increasingly important to be vigilant about protecting our personal information and corporate data. If you need any help setting up some additional security for your personal accounts, don’t hesitate to make a time with us.