How Safe is Your Password?
Following on from the article we posted earlier this year where we talked about phishing scams, we wanted to raise the subject of passwords and how you should use them to keep your information as secure as possible.
The dangers of password reuse
Using the same password across different websites and online services is a risk. A hacker needs to crack just one site to be able to access other sites that a person or business may use. If you add to this the fact that many services require an email address for login, password reuse becomes an even more serious issue as the same username and password can be used over multiple websites.
What can be done?
The best solution is to have a unique password for every online service and website that you or your business uses. In the event that passwords have been exposed or a hack has taken place, you simply need to change the password for that service/website alone.
How will I remember so many different passwords?
Remembering multiple passwords sounds difficult. However, a solution is using a password manager. Password managers help you securely store all your different logins and passwords. Some password managers will even give you an option to link directly to the website that you need access to, saving you the “copy & paste” task, and logging you in to the website automatically.
A password manager is a much better option than allowing your web browser to store all your passwords as there are a number of tools, freely available online, that will recover passwords saved in a browser. Password managers encrypt stored passwords so attackers will not be able to recover them.
Some examples of good password management tools on the market include LastPass www.lastpass.com; Dashlane www.dashlane.com; Zoho Vault www.zoho.com/vault; Sticky Password Premium www.stickypassword.com.
Has your password been hacked?
Earlier this year The National Cyber Security Council (NCSC) published the 100,000 most common passwords that have been accessed by third parties in global cyber breaches. Some of the most prevalent themes in the list included numerical patterns, names, football teams, musicians, superheroes and (believe it or not) swear words.
What is constant across all of these passwords is their simplicity. Easy to think up and easy to remember. This also makes them easy to crack, so effectively useless.
There is a way to check if any of your passwords have been compromised. A respected, international web security expert has created the website www.haveibeenpwned.com. This website quickly and easily allows you to check if you have an account that has been compromised in a data breach.
If your password does show as being compromised you can then take the necessary steps to make sure your details are changed for any sites where you use the same password.
If you want to be better prepared in relation to cybersecurity, please feel free to contact our dedicated GWA Computer Services team on 01289 306688 or itdept@gwayre.co.uk.