According to Microsoft’s Cybercrime Center, 1 in 5 small businesses are targeted in cyber crime attacks with 81% of data theft due to weak passwords. That’s a massive number!
There’s generally a negative correlation with security versus convenience. As things become more convenient, the less secure they are and vice versa. Most people opt for convenience over security and simply use their same password for everything. It’s easier to remember just one password but chances are, while this password is easy to remember, it’s also easy to guess… it’s more than likely under 8 characters and probably contains any combination of a birth year, street name, zipcode, sports team, pet, or spouse's name. Was I close?
It’s not your fault, we’re actually conditioned to create passwords that are easy to guess. It’s hard to remember a completely random string of characters with upper/lowercase letters, numbers, and special characters. We tend to gravitate towards things we know like names and dates effectively reducing how hard we have to work when we login. But, in age of social networks and machine learning, it’s possible to uncover these personal identifiers in a few keystrokes.
Some people think that writing passwords down adds more security. To make it more convenient, they’re usually stored in some digital version on a computer or cloud account in raw text. Most of the time, the file is even named “passwords” so it’s pretty easy to do a quick search and find. And, if there’s no backup, it’s a single point of failure. In most cases too, the password list has been shared or emailed effectively removing any barrier for an attacker.
What about using “log in with” services like Google and Facebook? Because you are essentially logging in with the same login as another account, these “log in with” services should be avoided. Websites that use these “log in with” services also make requests for additional personal data about you along with permissions which can be used against you.
To keep your accounts protected, you need to create strong, unique passwords for each of your online accounts. Just like in the physical world, the more complicated the key, the harder it is to break in. And, you’ll want a different key for each door. Who wants to carry around hundreds of keys though and how do you remember which one goes to which door?
There’s generally a negative correlation with security versus convenience. As things become more convenient, the less secure they are and vice versa.
It’s time to consider a password manager. Password managers remove these barriers by generating and storing complex passwords for you automatically. With the password manager available on all your devices, you simply need to remember the one “master” password and you’ve got access to the rest.
You don’t have to worry about typing your password either. Most password managers today also perform auto-typing. This not only protects against keyloggers and clipboard attacks, but you won’t have to struggle through entering a series of random characters one at a time.
As you setup new accounts online, you can leverage a password manager to automatically create and store a long, complicated passwords for each account. As you log into existing accounts, you can start updating your old passwords with new more complicated ones.
Good password managers store all of your data in a “Trust No One” or TNO environment meaning not even the software creator can recover your passwords. All of your data is encrypted as you enter it reducing the likelihood of a data breach. This allows your data to be stored online and synced across your devices creating built in redundancy.
You’ll still find yourself in a situation where you need to share a password with your spouse or trusted friend. Before you fire up your email compose window, know that email is one of the most insecure methods of communication. After you press send, your email hits a number of servers along their path each with the ability to eavesdrop on your conversation. It’s like sending your password on a postcard through the mail.
The advantage with a password manager is you still only have to remember one password. As a result, you should consider making this one password a lot more complicated and implement some version of multi-factor authentication. Consider creating a passphrase which is a group of nonsensical words strung together which implement a series of capitalization, punctuation, and numbers.
The longer the password, the better. Consider the following password: &CapitalWr-ngTestByte which would take 12 sextillion years to crack. Test your password
• • •
Add and extra layer of security to your online accounts by leveraging a time based one-time pin generated from a secondary device like your smartphone.
One of the best ways to secure yourself online is to use a unique password for each online account but how can you be expected to remember these? We've got just the thing...
There are a lot of factors to consider when building your next website. With a lot of buzz around WordPress, you need to know what you're getting yourself into.
No matter the issue you're facing, we have the technique and tools to get you quickly back on your feet. Whether we're talking about your PC hardware, network, website, or anything else with a power button we're just a few questions away.