Since passwords were established in 1960, a recurring theme of cybersecurity has been Password Strength. The globally implemented tool for login security has always faced the challenge of being guessed or compromised due to low password strength, and moving into the new decade password security is as relevant as ever.
And if there is any indicator that password security is still a leading security concern, it’s when one of the most influential world leaders has a public password slip-up.
Allegedly, President Donald J. Trump’s Twitter password has been discovered during security research by Dutch researcher, Victor Gevers. Gevers suggested that upon merely his fifth attempt at logging in to the United States President’s account, he correctly guessed the president’s password was maga2020!.
One of the key takeaways from this alleged password breach, regardless of the purported owner of the password, is that security software (such as antivirus and firewalls) is not enough. Many studies, including this report from Kaspersky Lab, indicate that over 90% of data breaches are attributable to human error.Yet, according to research by comparethemarket.com.au, 87% of small business owners believe that using antivirus software alone is ample protection from cyber attacks.
The researcher involved in this alleged password discovery did not actually hack the President’s Twitter in the traditional sense; he merely guessed the password. Even if you have the world’s leading technology and resources available to establish strong, secure I.T. systems, all it takes is a simple case of human error, such as setting a weak password, for a potentially catastrophic breach to occur.
And while the mainstream media is constantly flooded with controversial and surprising stories surrounding Trump’s presidency, this is by no means an unusual or surprising case in the context of modern cybersecurity.
When revisiting the largest Australian data breaches of the past three years, you can see that many significant data breaches that occurred within well-known organisations were caused by simple human mistakes, such as mishandling password storage or falling victim to phishing attacks. And when you consider the gigantic risk of having weak passwords, compared to how easy it is to practice safer password hygiene, it’s apparent that all of us should make the effort to strengthen our credentials.
A perfect analogy is the Australian road toll. In 1970, there were over 1000 lives lost in traffic accidents. In 1971, seatbelts were mandated in all seats of motor vehicles, which led to a steadily declining Lives Lost count to now where we see less than 300 deaths on the road per year. Strong passwords have the ability, much like seatbelts, to drastically reduce risk and improve your safety.
Whether you’re a leading politician like Trump, or you’re simply looking to strengthen your work email logins, here are some key steps you can take to easily alleviate some risk:
- Create strong, unique passwords: A strong password should consist of a mix of uppercase letters, lowercase letters, numbers & symbols. It should also be at least 12 characters in length. Furthermore, avoid re-using passwords so that you can ensure your systems don’t share the consequences of a potential compromise.
Using a Password Manager can do wonders in creating multiple strong passwords without the hassle of needing to memorise them. Read here for more information.
- Practice safe password hygiene: Think of your passwords like a toothbrush. It needs to be good quality and it needs to be changed regularly. You wouldn’t use the same toothbrush for six months straight, and you shouldn’t use the same password for very long either. Update your passwords regularly.
- Use Two-Factor Authentication: Two-factor authentication works to add an extra level of security to your logins, by demanding a unique code sent to you via SMS or a Two-Factor app after you’ve entered your password. In the event that your password is stolen or hacked, Two-Factor can be the last deciding barrier between a data breach and your systems.
For more information on cybersecurity and password hygiene, visit cyberaware.com!