How many people have you told your password? Your partner, friend or perhaps your colleague? Your data is only as safe as your passwords, you must change your passwords frequently and tell no one. Remember, it’s a secret…
Data breaches are in the news every day and with everyone being a target. The latest breach was not so much a hack, but a bug that compromised millions of user’s passwords. Last week, Twitter asked us all to reset our password, this was before announcing a bug that had been storing passwords unmasked within an internal log as plaintext. That got us thinking. What are the risks of not changing your password?
We questioned some experts on passwords security and were passed on some interesting information from key influencers in the security industry.
Firstly – should you change? The answer – a resounding “yes”. The reasoning? On average, we have around 100 online accounts that require a password. The problem is, we tend to reuse the same password over and over, so if one account is compromised you may have just handed a hacker the keys to your bank details, address information and private emails.
Overall the verdict is grim. The good news is that you can improve your security by taking a few simple steps, one of which is genius.
There are programmes that can crack any password combination of up to 14 characters in under 5 minutes. Chances are that your password will be cracked in seconds. In the time it takes you to make a cup of tea, this machine will try EVERY possible password combination using 14 letters and characters.
Here are some tips from the professionals:
- Use more than 14 characters. It takes longer to crack longer passwords.
- If the password asks for 9 letters and at least one character, use more than one character – every extra character you use makes a password harder to crack.
- Be like a Bank – use two-factor authentication wherever you can.
- Most people use the same password as they cannot remember multiple secure passwords. Why not use a Password Manager such as lastpass that will securely store all your passwords?
The final two tips are our personal favourites.
- Instead of a password, use a sentence. Why not use a memorable phrase or a verse from your favourite song? Easier to remember and harder to crack.
- And for your personal information, don’t use your name and address, or best friend at school, or your first pet’s real name. Make them up! Social engineering is an attackers secret weapon to gain your information, 99% of people’s memorable information can be found with a quick look through social media.
Of course, the best form of defence is attack. That’s why at KubeNet, to beat the hackers we think like attackers. As a Cisco Premier Partner, we can offer a 14 day free trial of Cisco Umbrella. Umbrella is the first line of defence and protects you on the DNS layer, best of all Umbrella can be set up in minutes. For more information, or to sign up for the trial click here.