8 May 2016

Are your passwords safe?

Intel Security has celebrated World Password Day with reminders of how best protect to individuals data by using multiple ways to authenticate themselves online:

Avoid easy-to-guess logins
While many users make their passwords short and clever for this reason, these types of logins are fairly easy to guess. Cybercriminals often reference the most common password combinations as their first login-guessing tool. Simple keyboard patterns like qwerty or 12345678 are as insecure as passwords like welcome or login.

Make strong, complex passwords
For starters, long ones are always better than short ones. Make sure to include numbers, lowercase and uppercase letters, as well as symbols. The more complex it is, the harder it will be for cybercriminals to crack the code.

Forget universal passwords
Don’t use the same password everywhere. If your data is leaked from one source, you don’t want to give away the master key to all of your online services.

Personal details are public
Important dates, facts, habits and preferences from your life can play a role when generating passwords. Cybercriminals often try variations based on personal details when they try to brute-force accounts. Place of birth? Favourite food? An important anniversary date? Easily found on the Internet.

Consider biometrics
Many phones today have thumbprint scanners (think Apple’s Touch ID). Voice recognition technologies are advancing, too. We’re rapidly entering an age where we can use our own bodies to verify our identities. While it’s certainly convenient, biometric security may not replace all of our passwords. But it will serve as another layer of security when authenticating into devices, confirming that we are who we say we are.

Regular maintenance
Check regularly on account security. If you hear of a data breach, take the time to make sure your information has not been compromised. Change passwords regularly, and not by making a small edit to the existing one.

Use a password manager
Look to a password management solution to generate secure, complex logins for your accounts and store them for you.

Use multifactor authentication
Anytime you can require multiple login-steps to access a device, take advantage of it. This makes a huge difference in terms of your account security. A complex password plus text message confirmation? A PIN plus a fingerprint? These are great security features, and are even stronger when paired.

Be on your guard
When data isn’t easy to obtain, cybercriminals have other methods to resort to. Techniques like social engineering — where cybercriminals disguise themselves as friends, family or figures of authority to trick a user into taking a certain action online — are powerful, and can easily dupe us into giving up personal, sensitive information.


Read the WorkSmart Asia blog post about password generation - dated 2014, but still relevant

posted from Bloggeroid