3 min read
Passwords. The basis of cyber safety. From entertainment to e-commerce, all our activity online is secured through combinations of letters, numbers and special characters that we put together. Hopefully, at random but mostly in predictable sequences. Password vaults may be a viable solution.
What started off with ‘alphabets and numbers, at least 6 characters long’, has become ‘alpha-numeric with special characters, at least 8 characters long’. Some apps/websites take it even further and force you to use a character only twice in a password. E.g. – AsianLaws! would be invalid, but AsianL@ws! would be allowed. Most banks require you to change your password every 6 months. Security requirements are becoming increasingly more demanding, and rightly so.
So, how do we remember so many password combinations and still use unique ones for every app/website/device? Do we give in to “sign in through Google/Facebook” or do we take our security a little more seriously?
Up until now, we’ve suggested using logic to remember your passwords.
Example: @ + Name of Website + Number of Letters + Dog’s Name
Facebook: @Facebook8Scooby ; Instagram: @Instagram9Scooby
The truth is that these passwords work only for websites and apps that require low security. After all, it is quite easy to reverse engineer the logic if one password is revealed. And most of us tend to keep the logic simple. Giants like Google, Facebook and even the FBI have been taken down, so our passwords with minimum security don’t stand too high a chance.
So, what’s the point?
The aim is to avoid having the most easily hackable password. If a hacker is specifically after your password, your chances of being safe are dependent solely on the skill level of the hacker. There is no 100% air-tight security.
However, such cases are few and far in between. Most hack attacks are blanket attacks done on many accounts simultaneously, with the hope that some will crack. And therefore, as we said earlier, the aim is to avoid having the most easily hackable password. Reduce your vulnerability and reduce the likelihood of your account getting compromised.
What does that mean?
Make your passwords difficult to crack to the best of your abilities. And when that falls short, turn to a password manager or a password vault!
Yes, you read that right. A password manager stores your passwords in a vault controlled by a master password and automatically enters the required password into a browser/app on your request. Now, the thought that all passwords be saved in one location seems the opposite of secure. That is true if you were to save all your password in an excel sheet or a Google document. Using a password manager is more advisable than the alternative of reusing passwords.
However, password vaults, especially the paid ones available today on the App Store or Play Store have excellent security protocols. While these managers allow you to set your own passwords, ideally you should let the program choose the password for a website/app. These programs come up with passwords that are completely random, such as uaF@7TaW.!vuJw. Without any logic or phrases, these passwords are near impossible to crack.
For additional security, you should also use two-factor authentication when auto-filling passwords. Of course, the master password you pick for the password manager must be ironclad. You will have to pick something that is complicated and not predictable.
Yes, there’s an inherent risk in trusting a password vault with all your online safety. However, that’s essentially how the whole online ecosystem works. Our browsers are constantly tracking our data in exchange for access to the internet. Your phone is continuously tracking your usage patterns in order to better your user experience. Similarly, the chances of getting hacked when using a password vault are far fewer than trying to randomise passwords yourself across the many, many accounts we maintain.
Get Cracking and Protect Your Passwords!
Some good password vaults are 1Password, Dashlane, KeePass, LastPass and RoboForm. If you use Chrome on your PC and an Android phone, Google Password Manager is also recommended. Paid apps usually come with better security protocols and stronger defense algorithms. However, it’s a small price to pay in exchange for having to remember many passwords across platforms!
Some key points to remember for passwords are:
- Alpha-numeric with special characters (obviously!)
- Do not use personal information like birthdays
- Use words from different languages
- Avoid standard symbols such as ! @ &
- Size matters; longer passwords are tougher to crack
Do you have any suggestions for passwords?
If you want to know more about passwords, password vaults, join our Certificate in Cybercrime & Cyberlaw program!