Yesterday, the first Thursday of May, was World Password Day, meant to serve as a reminder of the importance of good password hygiene. However, if that is the purpose, every day should be Password Day.
Passwords not only allow us to shop, learn, socialise online, and date, but also protect us. The issue of personal data security has become even more acute because, with the advent of the pandemic, many users spend more time at home, and as a result, use their devices more. According to a DoubleVerify study, daily time spent on consuming content online has doubled globally since the start of the Covid-19 pandemic, from an average of 3 hours 17 minutes to 6 hours 59 minutes.
A recent Kaspersky survey, “Consumer appetite versus action: The state of data privacy amid growing digital dependency”, found that 31% of all respondents had experienced some kind of infection or intrusion on their devices and more than half (53%) of them have incurred financial costs as a result of infection or intrusion.
At the same time, another widespread concern is the safety of our online worlds. 28% of online users experienced attempts to hack their online accounts, with a large number (41%) of these people reporting that they had their social media accounts targeted. A similar number (37%) were targeted through their email account, along with 31% targeted through a cryptocurrency wallet.
Nevertheless, after 2020 and the pandemic more users are trying to follow cyber hygiene rules and monitor the strength of their passwords, as well as the security level of their devices. According to the survey, 89% of all respondents take some of the more common, but effective, personal IT security actions and put them into practice to protect their privacy and keep their personal information safe. Likewise, 37% of people use passwords to lock their files, in the hope of ensuring that their data remains in their hands.
In earlier times, a six-symbol password was safe enough, now users need to invent combinations, which consist of at least eight symbols, but 15 is always better. And this comes hand in hand with two-factor authentication technique, smartphone fingerprints scanners, CAPTCHA and other security measures.
These additional measures vary from device to device and all of them carry their own specific problems. That’s why passwords are inevitable. Kaspersky provided the following tips for the right and wrong ways to use them:
- Lexicalized words, proper name and other combinations are no good when it comes to passwords. That’s why one should forget about such variants as 123457, dragon, letmein or qwerty.
- Don’t use a foreign word, written in English letters. Hackers have special dictionaries, which contain such combinations, so this method gives no additional security at all.
- It’s better to invent and memorise reliable passwords. It’s rather hard to remember a meaningless combination, but you can easily learn symbols and figures that mean something personal for you. Here we explain this method in depth.
- Another good way to remember a password is to type it on a keyboard about a dozen times. As a result, you’ll start typing automatically, without questioning yourself “What comes next?” Moreover, high typing speed will protect you, when a curious coworker tries to remember your passwords by peeping over your shoulder. Unfortunately, this method won’t work so well when you start entering your passwords on your mobile devices. That’s why it’s better to use tips from points 3 and 4 simultaneously.
- Remember that a good password should always contain figures and special symbols. More importantly, there should be both upper and lower case letters.
- Never share your password with anybody, as well as the method you used to create it. For example, if criminals find out that you used words from your favorite song, they can examine your social media profile and thus engineer your password.
- If you share a PC, a laptop or a tablet with your family members, never tell them your passwords – it’s better to make a separate user account for them. It has nothing to do with distrust: the thing is that your family can be tricked to give your password away or just accidentally leak it.
- You should use unique passwords for your most important accounts, especially for your email, online bank and social networks. One or two reliable passwords that you use everywhere are not enough. Cybercriminals might face certain troubles when stealing your login credentials from a bank (though not obligatory), but they would definitely be more lucky on a poorly protected dating website or something like that. And then there will be the ripple effect: a criminal will hack your accounts one after another.
- Apart from traditional passwords you should enable two-factor authentication on all important accounts. If a criminal hacks or somehow finds out your super-reliable password, this method will protect you.
- If you are sick and tired of all these discussions about passwords, and you’d rather not to learn by hard several reliable combinations, you can use a special piece of software. For example, Kaspersky Total Security has a built-in Password Manager component, which can create and securely store reliable passwords. It works on all popular platforms, such as PC, Mac, Android and iOS. By utilizing a special software you’ll need to remember only one master-password, as all the other things will be done by your password manager.