Password Security: A Growing Epidemic

Password security goes hand in hand with one of the biggest concerns for people today: their privacy. It’s not just about privacy at home, with curtains on the windows and locks on the doors, but privacy with technology. So much of our lives is spent in a digital world that we need to invest in digital locks.

No matter where you go, someone will attempt to break into your private information and steal your data. This invasion of privacy isn’t something any of us want to deal with. In the digital world, our passwords serve as locks. 

Except that we don’t always lock these doors effectively. It’s that vulnerability that will allow a hacker to take our information and use it as they please. CyberSecurity Ventures claims that by 2020 we will be using an estimated 300 billion passwords! That is a lot of locks to secure.

Having your password compromised can feel like a personal violation. Someone has snuck in under your nose and rummaged through your systems to find what they need. It’s theft, and it’s something that you NEED to protect yourself against. The one thing you need to do to help combat these hackers and stop them from taking what isn’t theirs is to concentrate on your password security.

Increasing Need For Password Security

Password security isn’t just about how many passwords you put onto each of your devices and data stores. It also matters how often you are changing them, and how complex they are. 

A study by Varonis found that 65% of all businesses have over 500 users that never get asked to update their passwords. This can lead to a massive security breach – even when you do have complex passwords in place. 

Along with this, there have been reports in the UK that over 20 million victim accounts worldwide used 123456 as a password. This may seem like a simple password that “no one would guess” but it’s clearly not as simple as people think. To create a secure password, think about the advice from the NCSC, which says that using three random words strung together as a password is a better idea than being overly simple. DuckCabinSpoon is far harder to guess than 123456, right?

These things have taught us that passwords have to be as complicated as possible so that they cannot be easily guessed. 

You probably know all the password security rules:

  • Uppercase and lowercase letters required
  • Minimum of 8 characters
  • Use special characters
  • Do not use your name/date of birth/easily guessed information

These rules are great if you’re setting up a password, but they’re not easy to follow. In fact, according to a survey conducted by OneLogin, up to 93% of companies have reported putting password rules in place. But fewer than a quarter of those companies ask for regular password changes. It makes you wonder why they bother enforcing the rules if they won’t implement the changes.
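To see how the rule list and the three-random-words advice behave on real candidates, here is an added example (not from the original article) that checks passwords against the four rules above, adds a common-password denylist check, and generates a three-word passphrase. The denylist, the word list and all function names are constructed for illustration.

```python
import math
import re
import secrets

# Constructed sample data: a tiny denylist and word list. A real deployment
# would load a large breached-password list and a word list of thousands.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "password1!"}
WORDS = ["duck", "cabin", "spoon", "river", "candle", "orbit", "maple", "tiger",
         "window", "pepper", "anchor", "violin", "harbor", "pencil", "meadow", "rocket"]

def composition_failures(password, personal_info=()):
    """Return the rules from the list above that the password breaks."""
    failures = []
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        failures.append("needs uppercase and lowercase letters")
    if len(password) < 8:
        failures.append("needs at least 8 characters")
    if not re.search(r"[^A-Za-z0-9]", password):
        failures.append("needs a special character")
    if any(item and item.lower() in password.lower() for item in personal_info):
        failures.append("contains personal information")
    return failures

def is_common(password):
    """Denylist check: catches guessable passwords that satisfy every rule."""
    return password.lower() in COMMON_PASSWORDS

def three_random_words(words=WORDS, count=3):
    """Build a passphrase from words chosen with a CSPRNG (secrets module)."""
    return "".join(secrets.choice(words).capitalize() for _ in range(count))

def passphrase_bits(word_list_size, count=3):
    """Entropy in bits when each word is picked uniformly at random."""
    return count * math.log2(word_list_size)

if __name__ == "__main__":
    for candidate in ["123456", "Password1!", three_random_words()]:
        print(candidate, composition_failures(candidate), "common:", is_common(candidate))
    print("16-word list:", passphrase_bits(len(WORDS)), "bits;",
          "2048-word list:", passphrase_bits(2048), "bits")
```

A password such as Password1! passes every composition rule yet sits on the denylist, while a passphrase's strength depends on the words being picked at random from a large list, not chosen by the user.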

People resist complex passwords because it is difficult to remember passwords across different devices and websites. So, some people think writing them down is the best idea. If this is you, there is something that you need to know:

Writing down your passwords? Possibly the worst decision that you could make for your password security! 

Undermining your password security by using the same passwords across every device that you own and then writing them down is going to leave you vulnerable.

Drawbacks Of Writing Your Passwords Down

The most obvious drawback to writing down your passwords? Losing the piece of paper. Almost everything we do is digital now, so chances are that if you write down a password on a piece of paper, you will lose it. This would mean that you’d have to change all of your passwords all over again, just to ensure that you can still log in to the websites and systems you require.

Another considerable drawback to writing down passwords lies in where you decide to store them. You’ll end up forgetting where you’ve put the list, leaving your passwords around for anyone to just find. This leads to a significant compromise in your internal security and your information. While writing down your passwords may feel like an excellent way to remember all of them and keep them safe, there are too many risks to doing so.

Data Breaches – Should You Be Worried?

The short answer is – yes, you should be worried. A UK Cyber Survey showed that over 40% of Brits expect that they will lose money to online fraud. This is a large number. It’s never okay to expect fraud, not when it can be stopped. Your data is essential, and you cannot leave it open for anyone to take from you.

There was a considerable data breach at Equifax in 2017 due to passwords being broken down. There were 3 billion accounts with Yahoo compromised, and 110 million Target credit cards breached. Marriott saw 500 million guests have their details compromised, and 165 million LinkedIn accounts were also hacked.

These are huge numbers to consider, and large company data breaches are unfortunately becoming the norm. User information has to be kept safe, and it’s very likely that a lack of password security will ensure that it is not.

This isn’t just in private, but at work, too, where over half of all employees are prompted to go for a password change and end up reusing the same passwords. The latest Verizon Data Breach Report found that 81% of hacking breaches come from weak or stolen passwords. And the worst thing is, LastPass reports that 59% of us KNOW that we shouldn’t reuse our passwords, but we do it anyway.

Password Managers

Some companies take on password management systems to manage their company passwords. The random passwords that are generated are impossible to guess most of the time, and they come in complicated forms like £398uyhHyu* and such. 

Storing these passwords in your computer and automatically allowing entry the moment you type in your username is all well and good. But the problem here is that these are also not always secure. Saving your password to your computer may save you time, but what if a hacker is on the inside of your company and needs your information?

Pros and Cons of Keeping The Same Login EVERYWHERE

Common advice is to choose different logins for different places and never use the same password twice. When someone tells you this, they’re not trying to be petty about your password choices; they can see the links for a massive data breach. So, let’s say you use your password for your email as the same password for your online banking. And you use the same email address for both. 

If someone can break into your email, the chances are that they recognize that they can also break into your online banking. This means that the one universal email address and password that you use for everything is very easily compromised. With this in mind, we’re going to take a look at the pros and cons of keeping the same login for everything.

Pros:

  • We are a forgetful species, and we are not very good at coming up with memorable passwords. Passwords that are the same for everything make sense to us to use because they are easier to remember. A password manager can help, but most of us don’t understand how those work.
  • Ease of use is another reason people choose to have the same password everywhere, because we are – admittedly – lazy about our security. It’s easy to use the same ones.

Cons:

  • There is one major con of keeping the same logins throughout social media like Facebook and Instagram as well as throughout your business, and that is that you create a single point of failure. If someone guesses one password for one area, they know all your passwords.

Registering your primary email address for your Facebook, Instagram, LinkedIn, online banking and Netflix may make sense to you. After all, all you’re doing is ensuring that you remember which email address to log in with. The issue comes with your predictability. So, if you use the same email address for LinkedIn that you use for your email account, the person who gets hold of your LinkedIn login could use it to get into your email.

Now, let’s imagine that this is the email address that you use for everything as we mentioned earlier. This hacker can now access your Netflix and Amazon account. They can log into these accounts, change the email and password used and start spending on your credit cards. There’ll be no more Game of Thrones, and no more next day deliveries, and you wouldn’t necessarily even know it right away. Not only this, but they can use this information to access your bank account, breaking down your encryptions to your card details based on what they find on Amazon or Netflix. 

Let’s say you use multiple email addresses. This will make your accounts safer, but if you still maintain the same passwords, you’re going to end up with a hacker who runs the emails and possible passwords through a system that will try to log into more than one website. They’ll get into your Facebook account. Suddenly a message to ten of your friends and family members goes out asking for money. Using the same password on every site is putting all of your login eggs into one basket. Remembering lots of passwords may be hard, but password managers can help you!
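The automated login attempts described above leave a recognisable trace on the service's side: one source failing against many different accounts in a short time. The following added example (not from the original article) flags that pattern in authentication logs. The log format, thresholds, addresses and account names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines, assumed format: "<ISO time> <source ip> <account> <OK|FAIL>"
SAMPLE_LOG = """\
2024-05-01T10:00:01 203.0.113.7 alice@example.com FAIL
2024-05-01T10:00:02 203.0.113.7 bob@example.com FAIL
2024-05-01T10:00:03 203.0.113.7 carol@example.com OK
2024-05-01T10:00:04 203.0.113.7 dave@example.com FAIL
2024-05-01T10:00:05 203.0.113.7 erin@example.com FAIL
2024-05-01T10:02:00 198.51.100.20 frank@example.com FAIL
2024-05-01T10:02:30 198.51.100.20 frank@example.com FAIL
2024-05-01T10:03:10 198.51.100.20 frank@example.com OK
"""

def parse(log_text):
    """Yield (timestamp, ip, account, success) for each well-formed line."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] not in ("OK", "FAIL"):
            continue  # skip malformed lines rather than guessing
        try:
            when = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield when, parts[1], parts[2], parts[3] == "OK"

def find_stuffing(log_text, min_accounts=4, window=timedelta(minutes=5)):
    """Flag sources that try many distinct accounts within one time window."""
    by_ip = defaultdict(list)
    for event in parse(log_text):
        by_ip[event[1]].append(event)
    findings = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        for i, start in enumerate(events):
            burst = [e for e in events[i:] if e[0] - start[0] <= window]
            accounts = sorted({e[2] for e in burst})
            if len(accounts) >= min_accounts:
                # A success inside the burst means that account needs a reset.
                hits = sorted({e[2] for e in burst if e[3]})
                findings[ip] = {"accounts": accounts, "compromised": hits}
                break
    return findings

if __name__ == "__main__":
    for ip, info in find_stuffing(SAMPLE_LOG).items():
        print(ip, "tried", len(info["accounts"]), "accounts; reset:", info["compromised"])
```

A user who mistypes their own password several times (the second source in the sample) is not flagged, because only one account is involved.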