[BreachExchange] Ways To Protect Passwords from Hackers

Audrey McNeil audrey at riskbasedsecurity.com
Fri May 5 10:06:57 EDT 2017


Think of all the things you do online: email, social media, bank, shop,
work, manage utilities, use cloud storage, the list goes on. And for every
one of those activities, I bet you have at least one, if not many, accounts
that are password protected. Say you have two email accounts, three social
media accounts, two banks, three places you shop frequently, two specialty
work accounts, three utility companies and one "cloud" account.

All of a sudden, you have 16 accounts that need a password. And that's a
very conservative estimate. I know in my life, there are many more websites
that request login information.

Unfortunately, most people have passwords that are simply not secure. Do a
web search for "most common passwords" and you'll find several places list
passwords like "123456" or "password." Weak passwords make it that much
easier for a hacker to steal your data or even your identity.

So, in honor of World Password Day on Thursday, Better Business Bureau
encourages you to take a look at your passwords. It's easy to be casual
about passwords, like using the same one repeatedly or never changing them.
How are you supposed to remember all of those anyway? But, keep in mind
what bad guys could get into if they figure out just one password.

If a hacker accesses your email, he can figure out what other sites you use
and reset those passwords. Have you ever emailed sensitive documents? It
doesn't take much for a thief to run wild with your information. BBB and
the National Cyber Security Alliance recommend the following tips to
strengthen your passwords:

Make Passwords Long

"Passphrases" are much more difficult to guess than a short password. But,
they can be easier for you to remember. Swap out numbers and symbols for
letters and add in a few capital letters to make passphrases stronger. For
instance, PasswordDay.org gives the example of "Thund3rSh0wersatSuns3t."

It's long, easy to remember but more difficult to guess than something like
"Thunder123," and it combines many factors of a strong password. Don't
create passwords based on personal information that can be easily accessed
or guessed, such as your mother's maiden name or your dog's name.

Use Unique Passwords for Every Account

"Imagine if one key opened your front door, your car, your bank and your
safe. That's more or less your situation when you recycle passwords." -

Secure Your Passwords

Keep a written list of passwords in a safe place, not on or near your
computer or smart phone. Consider sharing the location of your passwords
with one trusted individual, in case of emergency. Use two- or multi-factor
authentication for extra security.

Password Protect Your Devices

Make sure your smart phone, laptop and tablet have "long and strong"
passwords to access the home screen.

Adjust the settings so the devices switch to lock mode after a minute or
two without input.

Change Your Passwords Regularly

Odds are, none of us are changing our passwords often enough. Consider
doing so at least every six months, or better yet, every quarter or so.

Pick a day that's easy to remember: Daylights Savings time or the first day
of each season, as a reminder to protect your identity online.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170505/6cbbcdf5/attachment.html>

More information about the BreachExchange mailing list