Making every password safe and secure is something we all overlook from time-to-time. We all know the hassle of memorising dozens of passwords for each individual website. It’s a lot. So, we occasionally take shortcuts. That “laissez-faire” attitude is one of the biggest ways cyber-criminals get access to our information.
Amazingly, “password” and “123456” are still some of the most frequently used passwords online. Some people don’t even change the default passwords on new devices. This means that anyone can pick up a router, look at the sticker with the original password, and potentially access everything on that network.
The first thing a hacker will try is a guess. Why go through the hassle of breaking in if all they have to type is “qwerty” or “admin”?
So, when you create a password, make the effort and make that password safe. When it’s time to update a password, rinse and repeat. Steer clear of simple, commonly-used patterns or words.
The only way to make your password safe is to include: uppercase characters, lowercase characters, numbers and symbols. Or, a simpler way to do this is to use a “passphrase”. These are typically 20+ characters long but are both more memorable and harder to crack.
The most straight-forward hackers crack passwords is using a “brute force” attack. During these attacks, a bot (automated robot program) will try every combination of letters and numbers until it stumbles onto your password. If your password is actually a pass-sentence, it’ll take a lot longer to guess – we’re talking centuries rather than seconds.
The criminal may also be working with information from a data breach. They’ll use a similar bot to try everything from a long list of leaked passwords. If your password isn’t particularly strong, there’s a good chance someone else on the internet has happened to use it too – if theirs has been leaked, so has yours.
Yes, that’s overwhelming. There’s no way to remember that many unique words and phrases (well, maybe there is, but nobody’s got the time for that). The most effective way to generate and remember safe passwords is to use a password manager like the one built in to Google Chrome.
Criminals can access your accounts if you’ve unknowingly used an infected public computer. Someone may have installed a keylogger or spy software (spyware) on that system. A keylogger records everything typed on a keyboard, and can pinpoint passwords or other key information. To stay safe from these, try to only log in on systems that use your password manager. It’s also a good idea to use your mobile data rather than a public network (think restaurants or airports) to make sure your connection itself is safe.
Finally, the most common form of hacking – the phishing attack. For example, you get a “security warning” email from your “bank”. An urgent message pushes you to click the link to reset your password. From then, they’ll prompt you to log in on a seemingly authentic website. Now the hacker has your email and password.
Social engineering is the easiest form of cyber-crime, because humans are almost always the weak point. We occasionally get tired, forget things, or act without thinking or checking. Hackers know the easiest way around someone’s safe password is just to ask for it, but in creative ways.
Keeping your account safe from social-engineers isn’t just about your password itself. More commonly, they’re looking for personal information. These could be dates or places used in your password, or the answers to your security questions, which are equally important to keep safe.
It seems simple, but don’t befriend strangers. Keep your social media profiles private. Don’t reel out your personal information to anyone who asks. Anything that may be a hint to your password, or part of it, is for your eyes only.
Check who sent that email – the address, not just the name. Hover the mouse over the link to see where it goes. If you’re doubtful, find another way to contact the “sender” and check. If a bank or social network send you a link to log in, it’s a good habit to search for the site yourself, keeping your password safe from potential counterfeits.
These are the more common precautions available to everyone to keep your passwords safe and strong. Still, setting up a password manager and improving your internet security are musts.
Need help and advice staying secure online? Contact our experts today! Call us at 03333 055 055
No comments yet.