Passwords are your first line of defense against account takeovers. Yet only a handful of internet users know how to manage them safely.
Nowadays, people use 40 different apps on average. Two decades ago, you had to remember only a few passwords—one for email, another for online forums, and maybe one for a gaming platform. There just wasn’t a lot to do on the internet. The situation has changed drastically. What’s more, smartphones revolutionized the way we connect to the internet. Their opened possibilities renewed the problem of safe password management.
You don’t have to be a tech pro to secure your passwords. Below you will find some easy steps you can take right now. But first, let’s take a look at why it’s important.
Last year was not a good year for password safety. Firstly, hardened cybercriminals hacked Colonial Pipeline’s computer network. They infected the system with ransomware, halting all operations. Unable to cope with massive potential revenue loss, the company paid a five million dollar ransom. Later cybersecurity forensics identified that the attack exploited a compromised password.
But casual internet users should beware just as much. Hackers are actively deploying credential stuffing attacks to steal valuable online accounts. For example, nearly 200,000 North Face apparel customers fell victim to a successful credential stuffing attack.
This attack is particularly troubling because it requires little hacking know-how. Cybercriminals can simply search the dark web for leaked user credentials. Then they can try the same credentials on other services. For example, you might use the same password for Facebook, Spotify, and Netflix. If your Facebook credentials leak, then you might lose the other two. This process is optimized so that hackers can target hundreds of accounts simultaneously.
Losing a Spotify subscription can be a minor nuisance, but imagine losing your Instagram account with thousands of followers.
Luckily, improving password management is an effortless task. Here’s what you can do to protect your online credentials:
Use safe passwords
Avoid using easy passwords for online accounts, such as “password” or “123123”. It just makes it easy for hackers to crack them. They can simply brute force your account until they guess your password.
Here are four tips on how to generate a strong password:
Your password should be no shorter than 12 characters;
Don’t include any personal information (i.e., name or surname, birth date, pet name, etc.);
Include lower and upper case letters, numbers, and symbols;
Generate a unique password for each service and check for data leaks.
Naturally, the question is how to manage so many different passwords. Continue reading for an easy solution.
Get a password manager
Password managers are game-changers when it comes to cybersecurity. Yet many internet users still don’t know about them. There are various password managers available online that you can try. However, we recommend using a reputable paid service with additional password safety features.
So what do password managers do? A password manager is essentially an encrypted vault. This vault stores all your passwords in one place. You are given a master password to access it. So instead of remembering dozens of long passwords, you only need to remember one. Make sure you do not lose your master password under any circumstances as it’s a tough task to recover.
It may sound problematic to store all your passwords in one place. But password managers excel at keeping them safe. Most password managers use the AES 256-bit military-standard encryption. Others even implement XChaCha20 encryption, widely used by companies like Google and these algorithms are nearly impossible to break.
Along with this, well-developed password managers have zero-knowledge architecture. It means not even the service provider can access to your vault. It’s reserved for your use only.
Enable multi-factor authentication
Multi-factor authentication (or MFA) is considered one of the best ways to protect your online accounts. Popular services like Twitter, Gmail, and Steam provide MFA features. Instead of relying solely on a password, it will ask for additional identity verification. For example, it will send an SMS message with a code or an email for additional verification.
MFA complicates account takeovers. Even if cybercriminals have a legit username and password, they cannot verify the log in via phone or email. And hacking into smartphones or Gmail is an entirely different process. Most hackers will be instantly repelled and leave your account alone.
These three easy steps will significantly improve your online safety. With increasing cyber crimes, there’s always space for precautionary actions to maintain your online security. Be sure to follow our tips, whenever possible to attain maximum account protection.
Remy is a technical writer at TechPout. Being an IT enthusiast, he inclines to write about contemporary technology and growing security for machines. One steadfast follower of Baseball, Remy is an active social worker and a gastronome.
Subscribe to Our Newsletter and stay informed
Keep yourself updated with the latest technology and trends with TechPout.