11 Password Security Faux Pas You’re Probably Making
You just got an email saying, “Your Google Account was just signed in from a new Samsung Galaxy A30 device.” But wait, you don’t own a Samsung Galaxy A30. Someone just logged into your Google account and now has access to all your emails and other personal data. That is alarming.
Lots of people have received such an email or other security breach alerts lately, and most of them are not sure what they could do about it. How would you prevent such things?
How Secure Is My Password?
As we all know from childhood, “a stranger is a danger.” The same holds for internet security. You need to be careful when using your passwords on websites, forms, etc. The fact that nearly one-third of the world’s computers are infected with some malware is quite startling.
How Safe is My Password
Your password could be exposed to computer viruses, trojans, adware, spyware, or phishing. All of these are threats to your passwords. Viruses and other malicious software attack your computer and, once inside, record your password and send it out along with other personal data.
How to Create a Strong Password
To keep your online information secure, avoid these eleven biggest password security faux pas.
1. Not Adopting a Password Manager
Passwords for so many different online accounts are hard to remember. That is why password managers were created. 1Password, Dashlane, or LastPass are safer alternatives for keeping your passwords secure.
Without one, your passwords may end up in an unsecured plain-text document or on a sticky note attached to your desk in plain sight. The most valuable feature of password managers is that they keep all your passwords saved so that you don’t have to keep them in your head.
In moments, you can create a strong and unique password for every website or app you use. Having unique passwords for every account means that if one of them gets compromised, the others stay safe.
Now, aren’t these password managers unsafe? Well, there is a little risk involved when you use one of them. All reputable managers have their databases encrypted with a “master password.” This master password is safe because it never goes to any server; it lives only in the user’s head. All user passwords and logins are kept on the user’s system in the encrypted database, which is locked with the user’s master password.
Not holding user data is also called a zero-knowledge approach. The password manager company doesn’t have your master password, so it can’t access your other passwords. Even if the password manager is part of a data breach, users’ passwords won’t be compromised.
2. Reusing Passwords
If you continue using the same password on every website, you are making it easier for hackers to break into all your accounts at the same time. Password cracking programs look for similarities between passwords, which makes the cracking easier.
Once hackers have found one of your passwords, they will try it for all of your accounts. If you keep using the same passwords, they can easily crack the weakest web service and immediately get access to all your accounts, including the most reliable financial and banking services.
3. Using Easy to Remember, Simple Passwords
All of your information on social media is easily accessible: anniversary dates, birthdays, favorite spots, etc. If one of these is your password, then you have given up your security with your own hands. People who use passwords based on easily accessible data are taking a risk every day.
Let the hacker go berserk trying to guess your password. The secret to defeating guessing, and so to preventing password theft, is randomness.
Are you wondering how hackers guess? Well, there are two things that they do:
1. Use “dictionaries”: lists of common passwords that people use, like 12345678 or ABCD, QWERTY, PASSWORD.
2. Make wild, random guesses based on social media information.
So if your password is long and consists of a random set of characters, it is almost impossible for their guessing technique to work and hence, you are more secure.
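The two guessing methods above, turned into a defensive check, as an added example that is not part of the original article. The function names, the 12-character minimum and the sample personal facts are assumptions made for illustration; the dictionary holds only the four passwords the article lists.

```python
import math
import secrets
import string

# Common passwords named in the article; real cracking dictionaries are far larger.
COMMON = {"12345678", "abcd", "qwerty", "password"}
ALPHABET = string.ascii_letters + string.digits + string.punctuation
MIN_LENGTH = 12  # assumed threshold for this example, not taken from the article


def generate(length=16):
    """Draw every character independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of entropy for a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def weaknesses(password, personal_facts=()):
    """Return the reasons a password would fall to the two guessing methods."""
    found = []
    lowered = password.lower()
    # Strip trailing digits/symbols so "Password1!" still matches "password".
    core = lowered.rstrip(string.digits + string.punctuation)
    if lowered in COMMON or core in COMMON:
        found.append("dictionary word")
    alnum = "".join(ch for ch in lowered if ch.isalnum())
    for fact in personal_facts:
        # Compare alphanumerics only so "1990-05-14" matches "19900514".
        token = "".join(ch for ch in fact.lower() if ch.isalnum())
        if len(token) >= 4 and token in alnum:
            found.append(f"contains personal fact: {fact}")
    if len(password) < MIN_LENGTH:
        found.append(f"shorter than {MIN_LENGTH} characters")
    return found


if __name__ == "__main__":
    # Constructed sample inputs.
    print(weaknesses("Password1!"))
    print(weaknesses("rex19900514", ("Rex", "1990-05-14")))
    candidate = generate()
    print(candidate, weaknesses(candidate), round(entropy_bits(len(candidate))))
```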
4. Keeping Predictable Password Security
The most common security question is “What is your mother’s maiden name?” Your obvious answer to it is your mother’s actual name. Security questions based on easily accessible data are a piece of cake for hackers, because all such information is present on your social media. Try using “Ff926AKa9j6Q” to answer your mother’s name. The key here is that the answers to these questions need to be just as secret and secure as your password. If they are not, it is easy for an attacker to guess specific answers and set a password you would never know. Also, pick questions that only you can answer, minimizing the risk of correct guessing by hackers.
5. Sharing Passwords with Your Friends
Well, this is common sense, though not so common! Avoid the practice of sharing passwords with friends and family. The more people who know your password, the greater the risk of it slipping out and your account being hacked.
6. Avoiding Updating Passwords
After a certain period, many websites will prompt you to change your password. Some sites do not allow you to use the same password twice. Unique, strong passwords are a way to ensure your account’s safety in the long run. So don’t be annoyed. Always change your password when advised and use it as an opportunity to adopt a new habit.
7. Not Using Two-Factor Authentication
Another simple way to protect your information from a breach is adding a “second layer” to the login procedure. As you may have experienced, the second factor is usually tied to your phone so that only you have access to it. Two-factor authentication (2FA) means that even if intruders get your password somehow, they cannot log in to your account until the access is confirmed by your phone. To enable 2FA, associate your phone with your online account on the website. Each site has its own set of 2FA steps, but mostly it involves entering your phone number or scanning a barcode with a separate app. Then the site is going to ask you for a code from your phone.
2FA is like a protective layer on your account. If intruders don’t have access to your phone, they can’t receive the code, so they can’t log in. Always use it when a site offers it.
8. Creating Passwords in the Order of Password Suggestion
We have all noticed the length and character requirements for creating a password. Most of us make the mistake of following the suggestion in the same order it is given. Following the guide strictly is the biggest faux pas you can make. Most websites will suggest using uppercase and lowercase letters, numbers, maybe even a special character, and that’s usually the order passwords are created in. Stop that habit right now and mix it up!
9. Not Using Forced HTTPS
There are several other red flags that you need to notice to be safe with your online accounts. An unencrypted website is easy to hack, i.e., it gives attackers easy access to steal your password. To prevent this, look for the lock icon in the URL bar. Never type your account password unless you see the lock in the URL bar.
The lock signifies that the website in use is an encrypted one, which means that even if hackers are watching you browse on a public Wi-Fi hotspot or phishing, they won’t have access to your password. Many websites now have a feature that warns you when you are about to enter your password on an unencrypted site.
10. Not Paying Attention to Phishing Alerts
Browsers are evolving and developing features to keep your information and data safe in all possible ways. They help you stay informed about how trustworthy a site is, and hence save you from phishing. Your browser notifies you about unreliable sites and warns you when you try to visit a website that is a phishing site. When you see a full-screen warning, pay attention and don’t use that site!
11. Not Using a VPN
Install and use a VPN to encrypt all your traffic. A VPN is useful when you are connecting to public Wi-Fi, for example, at the airport or a coffee shop. Security is poor at such places, and your information may be breached easily.
A VPN encrypts your internet traffic, routing it through a secure server run by the VPN company, which means no one, not even the owner of the free Wi-Fi network, will be able to spy on your data.
If you are new to VPNs and it all feels unfamiliar, no worries: read the feature on how to set up and use a VPN and you will be good to go.
Password Security is a Key to All Your Personal Data
Presence in the digital world also means that you need protection from others who might peep into your data. All valuable things (bank records, medical records, personal letters, emails) are now stored in password-protected online accounts. No one, not even you, can read your emails or transfer money without knowing and entering the password. Websites use login procedures to protect your valuable data.
A strong password is like a sole gatekeeper that prevents a hacker from spying on your online life. The choice is yours: protect your home (online account) with one susceptible lock, or get a complex system of deadbolts, padlocks, and alarms.