Tech Talk with Jeff - Passwords
Oh, there is that wonderful topic, again. What a pain passwords are. We can never remember them and we have too many. It's simpler to just pick one easy one and use it everywhere, right?
Please don’t do that. Not if you care about your personal security that is.
"Oh, but who cares if someone hacks into this unimportant account I have."
We've all experienced this viewpoint, but the reality is we all need robust passwords that provide as much security as reasonably possible. It only takes a small foothold by the hackers to cause you a lot of pain, even with an unimportant online account. So, let’s take a stroll down the password lane as to what we need to be doing.
A password is basically a key. It is a key to an account requiring a login that you use, whether it is to your credit card, bank account or a game. The key typically has two parts. A login/user name and a password. A lot of login names are standardized (used on multiple accounts) or use your email address. That's not a very secure part of the key to an account. This typically leaves just the password to be your primary protection. If it is not strong, you risk someone getting access to your information/account. Removing someone from having that access is not easy. If they get access to your email account, it is even worse since most validation is done through an email account.
How do you make this structure more secure? Add another factor, as in multi-factor authentication. Whether it is a text message code to your cell phone or using an authentication program like Google Authenticator. If the login account has the ability to utilize multi-factor authentication, definitely activate and use it. It makes it that much harder for someone to gain access to your account.
"Oh, but all of this is a pain and makes accessing my accounts harder for me."
Yes, but what is even more of a pain is trying to get your information and accounts back from someone that has gained access to them. They can do a lot of damage to you. It is worth the time and effort to protect your information and accounts. Definitely look at the security parameters that each account provides to you and implement what makes sense. For more information read my blog on multi-factor authentication.
Back to your passwords.You should be using passwords that do not reference things in your personal life. That information is probably all over your social media and easy for a hacker to tap into (like your children's and pet’s names). Your password should be at least 16 characters long. Use phrases (not common ones) or two passwords combined into one. Yes, it's a bit of a pain, but it is doable and does help protect you.
Also, never use the same password on more than one account. Why? Because if that password is compromised, they will try it on all your other accounts. Everyone pretty much uses the same account services everywhere, so it is an easy task for the hacker to find other accounts to attack using your credentials.
Another consideration is, don’t use the same passwords at home and at work. If your home passwords get breached, you don’t want the scammers using them to access your work accounts. That is a really bad look and experience.
"So, what to do? I have different passwords everywhere that are long and hard to remember?"
Use a password manager. There are many out there and some of them are very good. They allow you to use very long, complex passwords that you don’t have to remember. All you have to remember is the one password to access the password manager. Just make sure the password manager password is long and complex since it is the key to your password kingdom!
How safe are password managers? Mostly safe. There was a password manager compromise recently at LastPass. Yes, this can happen. The Internet is not a safe place, but you are better protected using a password manager than not using one.
Be aware and be safe!
