As technology evolves, more applications and social network forums are cropping up, and more devices require me to sign in before I can access them or the applications on my handsets and computers. Like me, many of you face one of your biggest challenges in living a very active digital lifestyle. The gist of the matter is that you are always prompted to sign in to be safe whenever and wherever you go online. As an employee of one of the leading security and risk-centric consultant firms in the country, you can imagine the embarrassment if I fell victim to a cyber incident that compromised my vast, valuable data residing on many applications as a result of a weak password that I use on all the accounts I own.
To open any door over the internet, you are required to have a key to that door, which ascertains that you are the authorized, legitimate user. That key is your username and password. It gives you access to the vast sensitive data that sits behind the application's authentication layers. This could be personal data, company data, or other valuable data that belongs to you.
What do you know about good password hygiene?
As consultants, during training, we advise people to have multiple, unique passwords for all the web accounts they own. The purpose is that if one of the accounts is compromised (or hacked) in a cyber incident, say my LinkedIn account, then my other accounts, such as Twitter, Facebook, my online bank account, and many others, are safe since they have unique login credentials.
The other password hygiene practice we pass on is to create stronger passwords (simple to remember but complex and unique). This is because unique and complex passwords such as passphrases make password cracking almost impossible (check your password strength).
In one of the Ethical Hacking Boot Camps at the Institute of Forensics and ICT Security, we had the opportunity to engage with the attendees about their password hygiene. Surprisingly, people hear about password hygiene but do not reflect it in their digital lives. Many of the attendees had this to say: “I create a stronger password and use it on all my online accounts”. Obviously, when that password is compromised, all the valuable data in all the other accounts is then stolen. Others said they write their passwords on a note and stick it in their notebooks. One raised his hand and confirmed that he writes all his passwords on the sticky notes in his computer and always refers to them whenever logging in.
NB: Almost all of us have been in that circle before, or are still in it. There are “So many accounts”, “So many passwords”, and they all belong to you.
The other challenge is that if you use weak (easy-to-hack) passwords, apply them to almost all your accounts, reuse them, and, worst of all, save them when prompted by your browser, then you are giving away the keys to your valuable data to anyone online.
Compromised login credentials lead not only to stolen credentials but also to a stolen identity. So, it is good hygiene to always have a multitude of unique keys to your virtual world.
NOTE: The only question is how you would remember all of these passwords when you need to log in.
What should I do to solve my problem?
Unlike one of the attendees mentioned earlier, I do not recommend writing down your credentials and keeping them next to your computer, because it is not a secure way of protecting the virtual keys to your valuable data. There is a high chance that whoever sees the note on your computer can gain access to your valuable data.
As the Institute of Forensics and ICT Security, we recommend that you use a password manager. A password manager allows you to record all your login IDs in a central location (called a vault) for easy recollection.
What makes a password manager the best option is that it lets you protect all the logins to your applications in one bucket and tasks you with remembering only a single master passphrase; the only associated risk is that same concentration of all your logins in one place.
Not all good…
Yes, there is some risk in storing all your valuable keys in one place, but if the password manager is set up properly, with the best password generation criteria in mind, it can be many times safer than password reuse and much easier than trying to remember which password you used where.
We advise password managers because they securely generate very difficult, hard-to-crack passwords and autofill them into the login pages of the online services you use. For example, ‘42!J8e%GVR%klMQNqtuA’ is far more secure than ‘your name’ or ‘what you use’ (please, don’t.). This takes away the easy guesses that cybercriminals rely on.
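As an added illustration (not code from the original article or from any particular password manager), the Python sketch below generates a unique 20-character password per account from the operating system's secure random source and compares its entropy with a short lowercase-only password. The 94-character alphabet, the function names, the account names and the guess rate are assumptions chosen for the example.

```python
import math
import secrets
import string

# Assumption: passwords use the 94 printable ASCII letters, digits and symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def generate_password(length=20):
    """Return a random password from the OS CSPRNG containing every class."""
    if length < len(CLASSES):
        raise ValueError("length too short to cover every character class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejecting and redrawing keeps the choice uniform over valid passwords.
        if all(any(c in cls for c in candidate) for cls in CLASSES):
            return candidate

def generate_vault(accounts, length=20):
    """Give each account its own password so one breach exposes only one."""
    vault = {}
    for account in accounts:
        password = generate_password(length)
        while password in vault.values():  # collision is negligible; check anyway
            password = generate_password(length)
        vault[account] = password
    return vault

def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random string of the given length."""
    return length * math.log2(alphabet_size)

def seconds_to_exhaust(bits, guesses_per_second=1e10):
    """Time to try every candidate; the default guess rate is an assumption."""
    return 2 ** bits / guesses_per_second

if __name__ == "__main__":
    # Constructed account names, echoing the accounts the article mentions.
    vault = generate_vault(["linkedin", "twitter", "facebook", "bank"])
    for account, password in vault.items():
        print(f"{account:10s} {password}")
    strong = entropy_bits(20, len(ALPHABET))
    weak = entropy_bits(8, 26)  # eight random lowercase letters
    print(f"20 random characters: {strong:.0f} bits, "
          f"{seconds_to_exhaust(strong) / 31_557_600:.1e} years to exhaust")
    print(f"8 lowercase letters:  {weak:.0f} bits, "
          f"{seconds_to_exhaust(weak):.0f} seconds to exhaust")
```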
A password manager will do the following:
- Keep you safe from cybercriminals
- Save you time
- Give you control
- Save you the fatigue of having to remember the complicated passwords that you created.
You need a password manager to save you from giving away access to your virtual world. Having many passwords should no longer be your problem. Download a password manager now, create an account, remember that one master password and enjoy protecting millions of login details…