Author: Nadia_Kovacs30 Employee Posted: 30-Sep-2014 | 9:57AM · Edited: 25-Apr-2017 | 10:46AM · 0 Comments · Translation:
October is National Cyber Security Awareness month. Strong passwords are the key to your digital life. Be sure to protect your information by utilizing the tips provided in this article.
This is part 2 in a series of blog posts we will be publishing on various topics aimed at educating you on how to stay protected on today’s Internet landscape.
Passwords are the digital keys to our networks of friends, our work colleagues, and even our banking and payment services. We want to keep our passwords private to protect our personal lives, and that includes our financial information. While some cybercriminals may want to hack into our social networking or email accounts, most want the financial gain that hacking bank accounts can bring.
The most important two passwords are those for your email and social network accounts. If someone gains access to your email account, they could use the "forgot your password?" link on other websites you use, like online shopping or banking sites. If a hacker gets into your social network, they have the ability to scam your friends by sending out links to dangerous websites or posting fraudulent messages asking for money. The bottom line is that a good password is all that may stand between you and a cybercriminal.
How is it done?
There are many ways that hackers can crack your password outside of phishing attempts and spyware. One method is by attempting to log on to your account and guessing your password based off of personal information gained from your security questions. This is why it is extremely important not to include any personal information in your passwords.
Another way that hackers can attempt to gain access to your password is via a password cracker. A password cracker uses brute force by using multiple combinations of characters repeatedly until it gains access to the account. The shorter and less complex your password is, the quicker it can be for the program to come up with the correct combination of characters. The longer and more complex your password is, the less likely the attacker will use the brute force method, because of the lengthy amount of time it will take for the program to figure it out. Instead, they’ll use a method called a dictionary attack, where the program will cycle through a predefined list of common words that are used in passwords.
How You Can Create a Secure Password
In order to avoid being a victim of these kinds of hacks, we’ve amassed a collection of Do’s and Don’ts on how to choose a secure user password. A secure password is one a hacker can't easily guess or crack using software tools and one that is unique and complex.
- Do use Two-Factor Authentication (2FA) whenever possible. 2FA adds another layer of security to any account you may be logging into. When using 2FA, you can choose two of three types of identification to provide:
A password or pin number.
A tangible item such as the last 4 digits of a credit card in your possession or a mobile device that a code can be sent to.
A part of you such as a fingerprint or voiceprint.
- Do use a combination of uppercase and lowercase letters, symbols and numbers.
- Don't use commonly used passwords such as 123456, the word "password," “qwerty”, “111111”, or a word like, “monkey”.
- Do make sure your user passwords are at least eight characters long. The more characters and symbols your passwords contain, the more difficult they are to guess.
- Don't use a solitary word in any language. Hackers have dictionary-based systems to crack these types of passwords. If you insist on using a word, misspell it as much as possible, or insert numbers for letters. For example, if you want to use the phrase “I love chocolate” you can change it to @1L0v3CH0c0L4t3!
- Don't use a derivative of your name, the name of a family member or the name of a pet. In addition to names, do not use phone numbers, addresses, birthdays or Social Security numbers.
- Don’t use the same password across multiple websites. If remembering multiple passwords is an issue, you can use a password manager such as Norton Identity Safe to securely store your passwords.
- DO use abbreviated phrases for passwords. You can choose a phrase such as "I want to go to England." You can convert this phrase to an abbreviation by using the first letters of each word and changing the word "to" to a number "2." This will result in the following basic password phrase: iw2g2e. Make it even more complex by adding punctuation, spaces or symbols: %iw2g2e!@
- Don't write your passwords down, share them with anyone or let anyone see you log into devices or websites.
- Do change your passwords regularly.
- Do log out of websites and devices when you are finished using them.
- Don't answer "yes" when prompted to save your password to a particular computer's browser. Instead, rely on a strong password committed to memory or stored in a dependable password management program. Norton Security stores your passwords securely and fills them in online in encrypted form.
If all of this is too much for you, you can simplify this process by using the Norton Identity Safe Password Generator. It will allow you to customize your password by length, and gives you the choice of including letters, numbers, mixed case and punctuation.
This may seem like a long, complicated process to go through just to log into a website, however, it is not as complicated as a cybercriminal gaining access to your passwords and stealing your identity. Just remember that a bit of legwork now can protect you from extremely compromising situations in the long run.
This is part 2 of a series of blogs for National Cyber Security Awareness Month.
For more information on various topics, check out:
5 Ways You Didn't Know You Could Get a Virus, Malware, or Your Social Account Hacked
How To Choose a Secure Password
How To Avoid Identity Theft Online
How To Protect Yourself From Phishing Scams
How To Protect Yourself From Cyberstalkers
Securing Employee Technology, Step by Step
Are Your Vendors Putting Your Company’s Data at Risk?
Four Mobile Threats that May Surprise You
Theft-Proof Your Mobile Data
Traveling? Don’t Let Your Mobile Data Stray