The strength behind strong passwords
Written by Thea Krekke
Security trends in 2023 will focus on automated solutions, AI-based tools such as ChatGPT and Midjourney, cloud storage security, application security, multi-factor authentication, and blockchain security. Businesses that want to stay secure in the ever-changing digital landscape need to follow these trends.
Common to several digital solutions we work with today is that they are protected with a password. In fact, the password is the first line of defense against the digital threat landscape.
Almost daily, we read news about data breaches, phishing attempts, and ransomware attacks. The number of cyberattacks has steadily increased in recent years, and 2022 was no exception.
A whopping 38% increase in attacks globally!
According to the IT security company Check Point, the war in Ukraine and new technologies have had a significant influence on the increase.
In Check Point's security report, we see that the distinction between hacktivism and state-sponsored cyberattacks is becoming blurred. Ransomware is becoming even tougher to handle, and attacks on cloud storage and cloud services skyrocketed by 48% from 2021 to 2022.
How can you protect yourself?
Do not underestimate the importance of having unique and strong passwords.
A password can be compared to a key that opens the door to our digital world.
Just as we do not wish to use the same key for all our belongings, we should also avoid using the same password for different digital services.
If someone unknown gets hold of your password, they will have full access to all the digital services where you have used that same password.
Why should you have a strong password?
Although all cyberattacks are becoming more and more sophisticated in line with technological advancements, it's surprising how many of them manage to compromise systems through weak passwords.
Personal identity protection:
A strong password protects your personal and financial information. Without robust passwords, criminals can access bank accounts, credit card information, and other sensitive data.
Business protection:
Imagine if someone unauthorized gained access to your work PC.
In the business world, compromised passwords can lead to the loss of crucial business information, customer data, and even intellectual property.
Protection against automated attacks:
Hackers often use automated tools that quickly try thousands of common passwords. Strong passwords make it more challenging for these tools to break in.
What makes a password strong?
A strong password is characterized by a combination of uppercase and lowercase letters, numbers, and special characters and should avoid known words or personal information. Today, it's often recommended to use password managers like LastPass or 1Password.
- Length: The longer the password, the better. A password should be at least 12 characters long, preferably longer.
- Complexity: A combination of uppercase and lowercase letters, numbers, and special characters increases the strength of a password. Do you speak in a dialect? Use it too!
- Avoid common words: Dictionary attacks, where hackers try all the words in a dictionary, are common. Avoid standard phrases and combinations.
- No personal information: Never use easily recognizable information like birthdays, pet names, or anniversaries.
- Uniqueness: Do not reuse passwords across multiple websites. That way, if one site is compromised, the others remain secure.
- Two-step verification should be a requirement! This is an extra layer of security that protects you well.
- ÆØÅ or dialect adds extra password strength, but it can be challenging to log in to services via foreign machines.
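The criteria in the list above can be checked automatically when a password is set. The following is an added example, not part of the original article: the function names, the requirement that all four character classes be present, the count of six extra letters for æøå, and the small constructed word list are assumptions made for illustration.

```python
import math
import string

# Constructed sample list; a real check would load a large list of breached passwords.
COMMON_WORDS = {"password", "qwerty", "welcome", "summer", "letmein", "123456"}
MIN_LENGTH = 12  # minimum length recommended in the article


def charset_size(password):
    """Size of the alphabet a blind brute-force search must cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)
    if any(ord(c) > 127 for c in password):
        size += 6  # assumption: æøå in upper and lower case
    return size


def brute_force_bits(password):
    """Upper bound on guessing effort in bits: length * log2(alphabet size)."""
    size = charset_size(password)
    return round(len(password) * math.log2(size), 1) if size else 0.0


def check_password(password, personal_info=(), used_elsewhere=()):
    """Return the criteria from the list that the password fails (empty = passes)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("length")
    classes = [any(c.islower() for c in password), any(c.isupper() for c in password),
               any(c.isdigit() for c in password), any(not c.isalnum() for c in password)]
    if not all(classes):
        problems.append("complexity")
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("common word")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("personal information")
    if password in used_elsewhere:
        problems.append("reused")
    return problems
```

The bit estimate only describes a blind search over every character combination; a password built from a dictionary word or personal detail falls much sooner, which is why those checks are separate from length and complexity.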
Safe Password Practices at the Workplace
For now, passwords remain our primary means of accessing various systems and services. Biometric authentication technologies such as fingerprints, voice recognition, and facial recognition are becoming widespread, but they also present privacy concerns. This technology is also relatively expensive and complex for daily use across multiple devices/platforms.
Mobile-based authentication can be impractical (e.g., without a smartphone or battery) and susceptible to attacks. Another solution is the public key infrastructure (PKI) used for authentication through encryption, but this requires significant resources. Two-factor authentication with a physical token is also an option.
Implement a policy to use password managers:
Examples include 1Password and Dashlane. These are smart digital tools that automatically generate and store strong and unique passwords for you. Some come with a fee - consult with the IT manager at your workplace to see if they offer any solutions.
When you create strong and unique passwords for each service, it's unnecessary to change passwords regularly. Frequent password changes don't necessarily provide extra protection if one password is compromised.
Two-Factor Authentication (2FA):
Even if you have an exceptionally strong password, 2FA adds an additional layer of security. This usually involves a code sent to your mobile phone or verification via an authenticator app. It's the most crucial measure you can adopt to ensure unauthorized individuals don't access your user accounts.
Stay Updated:
https://haveibeenpwned.com/ is a service where you can easily check and be alerted if your email address or domain appears in a data breach.
Currently, strong passwords are an essential part of our digital protection. It's not just about selecting a robust password but understanding its significance - it's a straightforward investment in our own digital world's security.
However, technology is rapidly evolving, and in the future, we might not need to use passwords. New methods of verifying your identity could replace today's passwords.
We are fortunately moving towards a time where logging in can occur without us entering a password.
Stay safe with Compello
With us, user data is well protected. As part of Visma, a leading cloud service provider, we adhere to high security standards and requirements.