Our day almost always ends with one common activity – checking if the house door is locked and for some, ensuring that the car has also been locked. This almost feels compulsory. Why? We all do not want to compromise the safety of our lives and that of our possessions. However, information security seems to be option for many people. Safety of personal information is as crucial as the safety of our lives and possessions. Let us talk about password protection.
Password protection is the process of protecting information using a private code. Only people with an authorization can gain access to information that has been protected. Passwords are commonly used to gain entry to networks and various Internet accounts to authenticate the user requesting access. Password protection policies must be put in place in organizations to guide staff members on how to create a password, store the password and how often to change it.
The importance of passwords
Passwords are the first line of defense against unauthorized access of online accounts, devices, and files. Strong passwords help protect data from bad actors and malicious software. The stronger the password, the more protected the information will be. Using weak passwords is much like leaving the door open on your car or house – it is just not safe. Passwords remain an effective solution for identity-based access control of digital assets when considering cost, security benefits, and ease of use and management. The average user now manages more passwords than ever before. Password security systems are used not just to protect data but also to verify and establish identity for personalized features and account access. Stolen credentials are commonly used by cyber attackers to deliver malware. For this reason, it is important to adopt password security best practices, such as multi-factor authentication (MFA)
Consequences of password fatigue
When the average person has more than 150 online accounts, password fatigue is a reality. It is tempting to use simple passwords or the same password for several accounts instead of creating unique passwords for each account. Password complacency, however, can lead to devastating consequences for individual users and businesses.
For individuals, the loss of valuable personal, financial, and medical information can have long-lasting financial and reputational repercussions. Victims may find themselves unable to buy a car, rent an apartment, or secure a mortgage. They can even be denied critical medical services. For many, it can cost time and money to restore their good name and get their lives back on track. When cybercriminals gain unauthorized access to an organization’s data, the consequences can be severe. Businesses can experience a significant loss of revenue, intellectual property, and disruption to operations, as well as incur regulatory fines and sustain reputational damage.
Hackers are becoming increasingly sophisticated in the way they steal passwords. Bad actors use the following tactics to steal passwords;
- Brute force attacks – a method that uses trial and error to crack passwords and gain unauthorized access to accounts and systems.
- Credential stuffing – the automated use of stolen usernames and passwords to gain unauthorized access to online accounts, is another tactic used by attackers.
- Dictionary attacks – trying to break a password by entering every word in the dictionary and using derivatives of those words with character and alphanumeric replacements.
- Key logging – the use of a software program to track a user’s keyboard strokes to steal PINs, credit card numbers, usernames, passwords, and more.
- Malware – malicious software designed to harm or exploit computer systems and, in many cases, steal passwords.
- Password spraying – this is the use of a single password against many accounts to avoid account lockouts and remain undetected.
- Phishing – tricking users into sharing their credentials with hackers impersonating legitimate institutions and vendors.
The best way to protect against password hackers is to use strong and unique passwords on all devices and accounts. Be skeptical about links and attachments. When in public spaces, shield paperwork, device screens, and keypads from view to keep criminals from stealing passwords by looking over your shoulder. Another important prevention measure is to avoid accessing personal and financial data with public Wi-Fi. Where possible, install antivirus and antimalware software on your devices.
Strong passwords can help defend against cyber-attacks and lower the risk of a security breach. They are typically long and include uppercase letters, lowercase letters, numbers, and special characters. Strong passwords should not have any personal information. Follow these guidelines to create strong passwords:
- Use at least eight to 12 characters.
- Use a combination of letters, numbers, and symbols.
- Use at least one uppercase letter.
- Use a different password for each of your accounts.
- Use uncommon, unusual words.
When used properly, password security can be very effective and plays a key role in multi-factor authentication (MFA). However, inattentive user behavior and insufficient protection of credentials by enterprises can be a cause of damaging security breaches. The first password systems assumed that users would memorize their passwords, which would create a secure form of password management. However, passwords have proliferated in home and work life and have also become more complex. Users have too many passwords to remember and often reuse passwords, hence, why organizations must have cybersecurity policies to protect both their employees and company data.
Be cybersmart, be proactive, be reactive; prevent and report cybersecurity incidents and help us keep Eswatini safe and secure.