Are Passwords Really the Safest Way to Protect Your Data?
Passwords are certainly not something that is unique to the world of IT, computers, and the internet. Secret knocks and passwords have been used for centuries to gain access to secure areas by spies, criminals, and even children with their secret dens and treehouses.
It was in 1960 though, at MIT, that passwords were first suggested as a security measure for computer systems. It is kind of ironic then that the same university was the subject of the very first password data breach just two years later.
Individuals and small to medium to large businesses are waking up to the need for secure password management solutions today. As more and more sensitive data is transmitted across the world via the web, the need for security is increasing too.
Keeping passwords safe is one step toward making sure that your systems cannot be accessed by anyone but you.
Where can you store your passwords securely?
It is said that more than sixty percent of computer users write their passwords down. Others simply leave their accounts and systems logged in, or don’t even turn on password protection for their laptop or mobile device.
If you are security conscious though, you will probably wonder where is the safest place to keep your passwords?
Obviously, writing your password on a sticky note which is then attached to your monitor is not the best practice for security. Yet, many people still do this at home, and even in the workplace.
What is needed is a dedicated solution for managing, creating, and passwordless authentication. Fortunately, this exists. These programs are known as password lockers, vaults, or managers.
What is a password manager or vault?
A password manager is a program that securely stores information pertaining to login details for authorized individuals. This means passwords, other credentials, and also other sensitive information such as recovery codes or PINs.
The passwords are encrypted and stored in these digital vaults under a very strong master passcode.
There are different levels of security with password managers, and they come in the form of free-to-download and use, and also paid for versions. Some versions are aimed solely at the home user, and others have a higher grade of security and are for small to larger businesses. These are called enterprise password managers, and you would expect them to have more features.
There are some essential features for enterprise password managers, and these include the ability to generate unique, uncrackable passwords. Plus of course, added levels of encryption and security.
These management systems make life easier for the average person by storing all the passwords they need in one place. So, for instance, the average home user needn’t worry about remembering their passwords for Netflix, Google, Spotify, and a host of other accounts, as the password manager will do it for them.
How do you make a secure password?
One of the major problems with passwords is that the average person doesn’t make them strong enough. Consider your own passwords. How many of them are the same, or very similar, over different accounts and platforms? How often do you change them? Have you had the same passwords for several months or even years?
Gary McKinnon was facing 60 years in a US prison for hacking into the Pentagon and NASA in 2008. However, he did much of his work not through incredible hacking, but due to weak security.
As one way of avoiding a prison sentence, Gary McKinnon offered his services to the US government, but they declined because they said he didn’t display skills that they needed. They admitted that the reason he accessed so many areas of their networks was that employees were using default passwords. Many of these passwords were simply “passwords”.
A password manager is an effective way to generate new, unique, and unguessable, passwords. They generate strings of characters, symbols, and numbers that no hacker could possibly guess. You can of course do this yourself, but as around 50% to 60% of people forget their new passwords straight away, it is better to use a password manager to remember them for you.
How often, and how bad can password leaks be?
Cyber attacks take place constantly across the globe. Home computers and business networks alike are targeted by sophisticated, and amateur, hackers all the time. Most of these attacks come to nothing. Firewalls and antivirus software help repel infected downloads and other types of attacks.
However, there have been some major data breaches on a number of very well-known brands. LinkedIn, Twitter, and FriendFinder are just three of a growing number of companies that have been compromised and had millions of passwords exposed.
In 2009, TechCrunch reported on the huge password breach made by a hacker on the RockYou social app. In 2021 however, another list of passwords and emails was leaked. This time the breach was nicknamed RockYou2021 in some kind of deference to the previous hack. A total of 8.4 billion passwords were placed on a popular hacker site for all to see and use.
The RockYou2021 hack was the biggest password breach ever. However, many hackers target regular home users with phishing techniques, keyloggers, or other methods.
Is the average home user at risk of a cyber attack?
In 2020, something happened that changed the way many people would work for the foreseeable future. When Covid struck, millions of people began to work from home. This has brought advantages for many of the people who have carried on working this way, but it has also brought some added risks.
The average, normal, home computer user is subject to over 100 different online threats a month. These can be from phishing emails, unwanted spyware, malware, and more. Now though, with the rise in remote working, the attacks are not only more frequent but more costly.
It is said that now remote working is more prevalent, and any data breach costs an average of nearly $140,000.
Hackers don’t just target companies though, they are very happy to obtain your banking passwords, or your credit card details too.
Are passwords still worthwhile then?
Until more security advances are made, and everyone’s laptops are using retina scans and thumbprints, and all other manners of safety measures, passwords are here to stay.
Passwords can be a very effective way to increase security on any online, or offline, platform or account. The key is to change them regularly and make them strong with no personal connection. This means avoiding pet’s names, birthdays, your street name, or your mother’s maiden name.
Using a password management solution is one way to generate the strongest types of passwords without the need to even try and remember them. This way, passwords can still be a secure method of deterring unauthorized access.
Passwords are safe but only as safe as you make them. If you scrawl all your passwords on a piece of paper that is pinned on the wall next to your laptop, then you are asking for someone to use them.
Fortunately, most people aren’t that way inclined. There are, though, plenty of cybercriminals who will try to find out your most sensitive data through other methods.
You can help to ensure this doesn’t happen by making strong passwords that you keep changing, and you don’t write down. If you can’t remember your passwords or forget to keep changing them, then use a program to help you.