In most cases, a password is the only thing protecting your account from hackers. Despite this, many people fail to choose a strong password. UK’s National Cyber Security Centre recently released a list of the most commonly used passwords and some of the passwords on the list might be shocking in how simple they are. The number one password in the list is ‘123456’ with over 23 million accounts using this password.
When hackers engage in password spray attacks, they’re using simple, common passwords like ‘123456’ to gain access to accounts. And since so many people are using these types of passwords, the hackers are most likely gaining successful entry into multiple accounts. People often reuse the same passwords which means access to one account can mean access to all accounts. With this information, hackers can act as an insider threat, and move around the network undetected. This is why it’s important to take password security seriously. Here are 5 simple things you can do to increase password security.
Use a password manager
A password manager is a program that stores and manages your passwords across all accounts. It’s considered to be more secure because they help create strong, unique passwords. However, they have their pros and cons, which is why it’s important to do your research when considering using a password manager.
Avoid storing passwords on browsers
Storing passwords for your accounts within your browsers is convenient but is also a security risk. You can easily view your saved passwords within your browser settings and see which websites have passwords saved. Normally, you need a master account password to view all your saved passwords. However, if a hacker has access to this master password, they can see all your passwords. Be cautious when storing your passwords and make sure each account has a unique password.
Turn on Multi-Factor Authentication
Multi factor authentication involves using a secondary verification method in addition to a password. This typically includes methods such as sending a code to a mobile number or secondary email account that needs to be entered after your password. In some cases, people use a hardware key that they insert into their computer for verification. You should use multi factor authentication wherever you can. This adds an extra layer of security, and most websites support the use of multi factor authentication.
Always change default passwords
Never use the default password for your accounts or hardware. Hackers can use these default credentials to hack into your devices and conduct botnet attacks. It’s important to change your passwords as soon as a new account or hardware enters your network.
Don’t leave passwords out in plain sight
If you’re writing down your password to remember it, make sure you do it somewhere safely. Writing your password down where anyone can see it, such as on a post it note on your desk, is not a smart idea. If you feel the need to write down your password, consider writing down a hint to your password instead. Overall, it’s best to not have your password written down anywhere. Creating a password that includes phrases or acronyms that is meaningful to you is a good way to have a memorable password.
Security is a team effort. Remind your employees of the importance of having good security habits, like using strong passwords, by engaging them with cyber awareness training.