World Password Day: here’s how to secure your password

A simple precaution when choosing a password, such as adopting a 12-character password instead of a 6-character one, means cybercriminals need 62 trillion times longer to crack it.

During the last year, the value and importance of passwords have significantly increased. The explosion of internet services, remote working and distance learning, as well as the multiplication of app accounts, digital stores and social networks, have resulted in an even more massive use of passwords.

Most internet users today are unaware of the importance of creating strong and robust passwords, which leaves them vulnerable to attacks by cybercriminals and hackers. For years the most common password in the world among private users has been 123456. This speaks volumes about how little importance and attention is paid to passwords, despite the fact that these codes protect some of our most relevant and confidential information, such as bank accounts, access to work tools and medical information.

The wrong choices of individuals and companies

But this neglect is found not only among individuals but also among companies that, although they have massively adopted remote work, do not implement the minimum security measures, as evidenced by the data released by the Ponemon Institute:

  • 42% of companies rely on notes for password management
  • 59% of companies rely on human memory to manage passwords
  • 62% of companies say they do not take the necessary measures to adequately protect mobile data

On the occasion of World Password Day, the annual event through which IT experts aim to raise awareness of the importance of using secure passwords, Panda Security wants to share tips, for users and businesses, on how to create an effective password and manage different credentials. First of all, we must start with a fact: 80% of the breaches carried out by cybercriminals are the result of credential theft. Put simply, this means that if the majority of the public used secure passwords, the effectiveness and number of cyberattacks in the world would be reduced.

Corey Nachreiner, CTO of WatchGuard Technologies, a company that includes Panda Security, commented:

“World Password Day is useful to remind us to adopt best practices, such as regularly changing passwords for your accounts, choosing strong passwords or phrases with at least 16 characters, using a unique password for each account, and using password managers to keep them safe. But these password security policies should now be staples in every organization and should be required and enforced all year round.”

Corey Nachreiner then stated:

“I believe that a World MFA – multi-factor authentication – Day would be something more powerful and effective when it comes to strengthening corporate and individual security. Authentication is the cornerstone of good security, and multi-factor authentication means that users must provide at least one additional token in addition to their password to log into an account. These authentication tokens are typically something you are (biometric fingerprint or face scans), something you have (like a dongle or cell phone), and something you know (like a password). MFA makes sure that even if a cybercriminal had access to one of these tokens, such as a user password, they would not be able to log in without the second (and sometimes third) authentication token. This is an absolute necessity when it comes to addressing the widespread and persistent problems surrounding poor password security and should be a primary focus for both companies and individual users.”

How do you create a secure password?

Here are some steps you can take to create a secure password:

  • Choose a password of at least 16 characters: complexity is essential when composing credentials. Just consider that a password of “only” 12 characters takes 62 trillion times longer to crack than a 6-character one.
  • Use two-factor or multi-factor authentication: that is, combine two or more individual authentication methods. This is what happens, for example, when accessing a bank current account: an ID, a password and an OTP are used (i.e. a password that can be used only once, generated through a token).
  • Use numbers, punctuation, and uppercase and lowercase letters in the composition of the password: to increase complexity it is also desirable to include random and unrelated words in your password.
  • Regardless of how secure it is, you shouldn’t use the same password for multiple services.
  • Do not use personal information, or phrases and references taken from famous songs or films, when choosing a password.
  • It is strongly discouraged to write passwords on sheets of paper or in diaries, or to try to memorize them.
  • Use a password manager – such as Panda Dome Password – to store and manage all of your credentials
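
The checklist above, as an added example that is not part of the original article or of any Panda Security product: Python code that generates a password with the operating system's CSPRNG and checks a candidate against the rules in the list. The function names, the small `COMMON` set and the sample inputs are assumptions made for illustration.

```python
import secrets
import string

MIN_LENGTH = 16  # minimum length recommended in the list above
CLASSES = {
    "lowercase letter": string.ascii_lowercase,
    "uppercase letter": string.ascii_uppercase,
    "digit": string.digits,
    "punctuation mark": string.punctuation,
}
# Constructed sample of well-known weak passwords (assumption);
# a real check would consult a large list of breached passwords.
COMMON = {"123456", "password", "qwerty", "111111"}


def generate_password(length=MIN_LENGTH):
    """Return a random password containing every character class.

    Uses secrets (CSPRNG), never random, which is predictable.
    """
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Re-draw instead of patching characters in, so the result stays uniform
        # over all passwords that satisfy the class rule.
        if all(any(c in chars for c in candidate) for chars in CLASSES.values()):
            return candidate


def check_password(password, personal_info=(), in_use=()):
    """Return the checklist rules a candidate breaks (empty list = passes).

    personal_info: names, dates etc. that must not appear in the password.
    in_use: passwords already used for other services (hypothetical input,
            e.g. exported from a password manager).
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    if password.lower() in COMMON:
        problems.append("common password")
    lowered = password.lower()
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    if password in in_use:
        problems.append("already used for another service")
    return problems
```
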

User laziness also leads to two other problems to avoid if you want unassailable passwords: the tendency to choose a password for ease of memorization rather than effectiveness, and keeping the same password even though you may have suffered a data breach. These behaviors are highly risky because, in the first case, the strength of the password that should protect the user is minimized; in the second, it is reduced to zero, because the password has already been cracked in a previous attack. These precautions do not totally eliminate the risk of suffering a data breach, but they certainly minimize the possibility that it could happen. That is why it is necessary, today more than ever, to be aware of the simple steps that make your password more secure.

