Password safety 101: Here are the top five ways to be safe in cyberspace
You’ve probably heard yesterday that mark Zuckerberg, Co-founder and CEO of Facebook, had his Pinterest and Twitter accounts hacked when hackers discovered his password during an attack on LinkedIn. The reason why his Pinterest and Twitter accounts were also hacked was because the password that he used for all platforms was shared. This is also called password recycling. It’s one of the many things on the don’t-do list of Internet security, along with using simple passwords, which we’ve been reminded of countless times. (1), (2)
So what’s an ordinary person like you and I to do if Mark Zuckerberg – assumedly one of the most tech-savvy people on the planet – does things like this, and got his LinkedIn, Twitter and Pinterest accounts compromised? Well, there are lists of things – some of which we've brought to your attention before – that you can do. They sound simple enough, but can you get yourself to doing them? Here are the top five ways to ensure that you're safer on world wide web.
5) Don’t use dictionary words for passwords
This is really the bare minimum of having good passwords. It’s easy to guess, and easier to brute force. Granted, “dadada” isn’t a dictionary word, it’s just as simple – if not more, making it worse.
4) Mix up upper and lower case letters with numbers and symbols
A good example would be something like P@ssw0rD, but being only one word long is still a little too short. Instead, go for unusual but memorable phrases like “margaretthatcheris110%SEXY.” To quote Edward Snowden, the key is to "shift your thinking from 'passwords' to 'passphrases'."
3) Don’t recycle passwords
The reason behind this is simple: if you use same passwords for multiple accounts, once one is identified, all other accounts using that password are compromised. It doesn’t matter if you use a 30-character one with upper and lower case letters, numbers and symbols, or simply “dadada” because a simple copy and paste will do the trick.
2) Use a password manager
Global Web Index says that the average person aged 16 – 24 has 6.5 social media accounts. Coming up with, and remembering, the passwords for them all is being described as password fatigue. If this is something familiar to you, maybe use a password manager like LastPass. You’ll need to remember the one password to access it, and it generates and remembers all the other passwords that you may need to use.
1) Two-factor authentication
Big sites who take their security seriously would offer you this. One of the best examples is Steam. Log in from a machine that you’ve not logged in from before and you’ll be sent a code via SMS, asking that you key that in to Steam to authenticate that it is indeed you who attempted to log into your account and not someone else that happened across it. You can then decide if you want to continue using a two-factor authentication for that system or to have it recognized as one that you’ll often use. This gives some leeway to recycle some passwords if you are having trouble remembering them all and don’t want to use a password manager.