Below, our Business and Tech writer – let’s call him Allen – shares valuable tips on cybersecurity; keeping you and your family’s online life secure, multi-factor authentication, encryption, and password managers. We highly suggest you read this post thoroughly and share these valuable tips with your friends and family. In today’s world, one can never be too prepared.
123456 123456789 qwerty 12345678 111111 1234567890 1234567 password 123123 987654321 qwertyuiop mynoob 123321 666666 18atcskd2w 7777777 1q2w3e4r 654321 555555 3rjs1la7qe google 1q2w3e4r5t 123qwe zxcvbnm 1q2w3e
If you see your password in this list… you’re done.
Most people want to keep things simple.
Well, this simple isn’t secure. This list above are the 25 most commonly used passwords. There is even bigger list here www.passwordrandom.com/most-popular-passwords. It contains the 10,000 most commonly used passwords .
(ProAdvice: PLEASE DO NOT USE THE PASSWORD CHECKER ON THEIR SITE. I don’t think you should type your password anywhere except where you should use it. Got it? Good.. moving on..)
So now that your password has been shared with the world or maybe you know your kids, pets or cars name isn’t secure either… lets get you more secure.
1. USE A PASSPHRASE NOT a PASSWORD
You should use a 9 character passphrase with with special characters. Like
“FromNowOn!WillUse1B!gPassPhrase$.” Short or common passwords can be easily guessed or attacked sequentially. For many of you, you are thinking there is a password lock out feature that keeps lowly hackers from trying all the password possibilities. In which you are right.
Most sites or apps block multiple attempts and either lock the account or offer an option to change the password after many failed attempts. However, hackers rarely use this tactic. Instead, they compromise the website or app and collect the encrypted passwords. With a little research the hacker determines how the passwords were encrypted. (In other words, they figure out the math required to generate the encrypted passwords) They then use hacking tools to brute force “crack” encrypt known words or passwords and compare them against the encrypted passwords which they collected. This is where your common password falls over backward.
Considering that fundamentally computers fastest action is the comparison of 1’s and 0’s this is a amazingly fast job. In fact there are password cracking tool that use gaming video cards can crack passwords with 6 billion attempts per second. using a passphrase makes this significantly more difficult to do in a short period of time.
By adding a few characters, numbers and special characters into an easily remembered passphrase you are making hacking your password significantly more difficult to crack. By doing this cracking your password can go from cracked in minutes to months to years.
2. CHANGE YOUR PASSWORD REGULARLY
If you have had the same password for years… you have increased the chance of an old hacker compromise from years ago, leaving you vulnerable today. Change your password at least once a year. If you want a gold star, change it twice a year.
3. DO NOT USE THE SAME PASSWORD EVERYWHERE
Imagine if everyone had the exact same house key. The key would be useless … right? Need I say more?
4. USE MULTI-FACTOR AUTHENTICATION
Sounds fancy? You should like fancy. Multi-factor authentication adds another “factor” to your password. It is essentially having two or more passwords to login to your account/service. There are many ways to do this including using your smartphone, having a secure token or USB key or fingerprint.
With a second factor you are using your good password (see #1) with something only you have. Many of you may have enabled fingerprint on your phone. Bravo! You’ve done it for your phone! (Ask me why I don’t use my fingerprint).
Check out Yubico www.yubico.com for a Yubikey to insert into your computers usb port.
Try Duo https://guide.duo.com/third-party-accounts with its free app to add a second factor. GMail, Facebook, Outlook, Office 365, banks and many other sites support these.
5. USE A PASSWORD MANAGER
Ok, now you are worried you are going to forget your passphrase… NO PROBLEM. There are apps for your phone and computer that allow you to store you passwords. In fact, some of them integrate with websites and you NEVER have to type or copy the password. WIN w!n. These apps or websites store all your passwords behind one master password you set.. (See #1)
Check out LastPass www.lastpass.com or Dashlane www.dashlane.com. Extra credit: If you use Dashlane or LastPass you can use multi-factor tokens with them also. Bonus! Dashlane and LastPass can fill in payment forms and store your credit card information too!
Be sure to store your master password for your password manager in a safe just in case you forget. If you use a multi-factor token setup alternate backup access. Check with your web service or bank to find out how.
Once you do this.. you are in complete control of accessing your account. Not even the people from the site in some cases can get into your login. You will be your own locksmith.
Take a deep breath… It’s easier than you think.