October is a month dedicated to Cyber Security Awareness. As a part of this marathon Falcongaze analysts have decided to share with you some lifehacks that can help secure accounts. It is important, considering the growing scale of leakages that disclose terabytes of personal information. Accounts protected by simple passwords are at most risk. So, how to secure your data?
Passwords should be as long as possible; otherwise, they could be hacked easily. The technology that submits phrases with the hope to eventually guess the correct one and hack an account is called brute-force. For example, computers for hacking can handle 350 billion variants per minute. So in order to protect your account, the password should be long and random. We’ve considered the length, now it is time to discuss ‘randomness’. Passwords shall not contain any proper noun or the name of any person, pet, child, or fictional character. The best is a random set of characters containing numbers, symbols, uppercase and lowercase letters. Then brute-force will take a billion of billion years. But here we have another task – to keep in mind a long and random password.
You can invent a code phrase from random words and use only the first three letters of it. However, you should not use well-known phrases like ‘iloveyou’.
If you are not a fan of remembering dozens of code phrases or random sets of characters, you can use password managers. Some of them are available for free and the others will require a little money. A password manager generates random passwords to all your accounts and keeps them under the protection of a master password. Thus, the only password you have to remember is the one to the password manager. Using which you get access to repository of all your passwords. Can attackers hack a password manager? Yes, in theory. But the reality shows that this happens very rarely. Even having a password manager hacked, the attacker will not get access to your passwords, as they are protected by additional encryption. However, before using a manager read about it and choose carefully.
People tend to use a good complex password they managed to remember everywhere. Why they should not do it. Big corporations use the best security practices for personal data protection. However small sites do not have such resources. So an attacker can easily steal sensitive data.
For example, you have designed and remembered a strong password to email and want to use it everywhere. But if you use the same password for a small online store’s account, you will compromise your data. The site could be hacked and if the password gives access to your email you will lose letters and contacts.
So to summarize, passwords should be quite long, complex and different for most sites. Only in this way, you will protect your accounts as efficiently as possible.