Three Cyber Aware tips to protect your password(s): World Password Day sees 555,278,657+ stolen credentials.

Depending on your part of the world, today is World Password Day! While for fellow Downundians it was actually yesterday, there’s never a bad time to strengthen your passwords!

As of right now, HaveIBeenPwned (a database of real-world passwords previously exposed in data breaches) reports 555,278,657 stolen passwords in their database.

You can actually visit their website and check if one of your passwords is among the many stolen.

Furthermore, large portions of these passwords and the countless unaccounted for in unknown data-breaches are constantly being bought, sold, and used in the dark web to exploit individuals and organisations at large.

To best avoid your passwords being bought & sold on the dark web along with the billions of others, we’ve come up with three key password tips to close out your work-week:

Tip 1: Start Passphrasing!

Have you ever struggled to come up with a strong enough password for a new login? The easiest way to get around this, while still creating a password that’s easy enough to remember, is passphrashing!

If you haven’t already heard of it, passphrasing is essentially like using an acronym; you take the first letter of each word in a sentence or phrase, and use it to make a password!

For example, “I’m going to the pub after lockdown” could be used to make a passphrase such as “iGtTpAl831”.

This way, you have an easily memorable password that’s much harder for a hacker to guess or crack. Remember to use a mix of upper & lower casing, as well as some numbers & special characters for extra strength.

Tip 2: Regularly Change your password!

Passwords should be treated like your toothbrush. Never share it around, and change it regularly.

The reason for this is that even if you have a strong password that is entirely unguessable, it can still be lost or stolen in other ways. Take, for example, the recent Zoom security issues; one of which saw a large pool of passwords stolen during a data breach and sold on the dark web.

In this scenario, weak and strong passwords alike were outright stolen and leaked entirely outside of the end-users control. And considering that on the dark web, password trading and password dumps are still being performed regularly, sometimes in chunks upwards of 2billion at once, it’s more likely than not that your passwords are already out there.

Even if you have a strong passphrase, change it often to ensure that your password is private & secure.

Tip 3: Use a password manager!

At the risk of sounding like Elon Musk discussing his newborn in the new Joe Rogan podcast: human brains are a lot like computers. We have a limited amount of memory.

Rather than scrambling to remember each and every unique password, or worse, compromising the strength & complexity of your passwords to ensure that they are memorable, use a password manager!

The way that password managers work is similar to how a browser’s auto-fill works. When logging in to an account, you type in your username & password just once, then your password manager securely stores and remembers them. Next time you log in, the password manager will take care of the grunt-work and log in for you.

The only password you still need to remember is your master key for the password manager itself.

You’re probably thinking that this doesn’t sound safe, but in exchange for this easy login tool, good Password Managers bulk up their security on the master login. Often times, you’re required to know your master-key, have a two-factor authentication code, and authorise the device that you’re logging in from.

In exchange for that hassle, you don’t need to write down or remember any of your other passwords, and they’re actually kept safer as a result!

Some password managers I’d recommend are LastPass1Pass (my preferred choice), and the updated Google Password Manager with Two-Factor enabled.

For more information on work-from-home security, visit https://portal.cyberaware.com/remote.

Comments are closed.
Top
Before you go, get a demo of our next-gen security awareness platform and see how we can help reduce your client's human risk.
WAIT!
Thanks, Not Interested
GET STARTED!
Get a demo of our next-gen security awareness platform today. Please fill in the form below and a member of our team will be in touch shortly.
Get a demo of our next-gen security awareness platform today. Please fill in the form below and a member of our team will be in touch shortly.
GET STARTED!
Thanks, Not Interested
GET STARTED!
Get a demo of our next-gen security awareness platform today. Please fill in the form below and a member of our team will be in touch shortly.