With the advent of innovative solutions, it’s important that we adapt to this evolving ecosystem to keep our digital assets safe.
In the wake of escalating data breaches and cyber-attacks, the ever-ready advice of “don’t share your password” is no longer enough. Passwords were and will continue to remain the primary keys to our digital presence and our most critical digital assets. Thus, following the best practices for password security is more vital than ever, whether you’re securing individual user accounts, e-mail, or networks. Strong passwords are the first line of defence for protecting sensitive information from cyber threats. We’ll delve into the anatomy of a good secure password and what are the best standard password creation practices one should employ while making new passwords.
Creating unique and strong passwords
While it might seem like we’re reiterating the same advice, there’s a reason: people frequently overlook it. Strong passwords are complex and lengthy and include a mix of lowercase and uppercase alphabets, numbers, and special characters. Moreover, passwords should be unique; different accounts shouldn’t have the same password. So, hackers won’t be able to access multiple accounts using just one password as the starting point.
So, how should one generate a strong password? While many websites have “Suggest a strong password” features, another way is to use a password generator like Roboform or 1Password. It’s a tool that generates unique passwords, varying from strong yet pronounceable options to complex groupings of characters.
While making strong passwords, it’s equally important that you avoid the top common passwords for safety and security. In fact, there’s even a list of the most hackable words that one should avoid.
Use a Password Manager
Using password managers is another way to help create and store unique and strong passwords for your accounts. Basically, they produce and store complex passwords for all accounts, so you don’t have the hassle of remembering all of them. Moreover, trusted, robust password managers encrypt the passwords, thus protecting them by storing them securely. They also use Zero-knowledge encryption, which means that your data is secured with a unique user key, which no one but the user has knowledge of and access to.
Password managers comprise three main components: a digital vault for storing passwords, a state-of-the-art encryption system for protection, and a master password to access the digital vault. However, that needs to be protected with extra care, which is where we come to our next point, which is two-factor authentication.
Enabling Two-Factor Authentication
Two-factor or multi-factor authentication (2FA, MFA) is slowly becoming the standard across many platforms. Basically, 2FA/MFA are additional security layers that require a second form of authentication besides a basic password. This can range from a one-time code sent to your e-mail or phone to a security token or even a fingerprint scan. Enabling MFA/2FA significantly increases account security since it’s much more difficult for hackers to gain unauthorized access.
In fact, Indian banks have already adopted MFA despite the RBI still rolling out a detailed framework for the same. Another example is YouTube, Gmail, and OTT entertainment applications throwing up security prompts when you try to log into your account using a new device. The use of 2FA/MFA grew significantly during the COVID-19 pandemic when employees working from home were asked to add another layer of authentication, such as installing certain apps, before they could access the corporate network.
Why 2FA/MFA is all the more important because, interestingly and worryingly, most cyber-attacks happen on social media accounts. For example, the SEC’s Twitter/X account was hacked in January 2024. The hijacked account published a post that resulted in the price of Bitcoin jumping to a 19-month high before plummeting 6% after the leak was discovered. Why? Because SEC’s account didn’t have 2FA enabled! So, it’s all the more essential to enable additional security on social media apps.
Safe Password Usage Practices
As important as it is to create strong and unique passwords, it’s equally important to follow good usage practices. Firstly, you should change your passwords regularly, especially high-risk ones like those for banking and e-mails. However, simply changing them is not enough; you must ensure that even the new passwords are unique and strong. This will help prevent hackers from gaining long-term access to your accounts.
Another good habit of using passwords is avoiding sharing them with anyone, not even family members or close friends. Sharing passwords significantly increases the risk of unauthorized access. Additionally, it could lead to social engineering hacks, where hackers gather information directly/indirectly, leading to a person’s password (Remember the movie Now You See Me?). Additionally, it could become impossible to determine the source of any possible security breaches. One way to share account access is by using a password manager, allowing people to share access without having to share passwords.
As World Password Day passed us by (May 2nd), keeping access protected in an ever-evolving digital landscape is all the more important. Since securing the digital frontier is getting complicated daily, the importance of robust password management cannot be stated enough. With the advent of innovative solutions, it’s important that we adapt to this evolving ecosystem to keep our digital assets safe.
In case you missed:
- The Best Multi-Cloud Identity Management Practices
- Tackling The Most Critical Cloud Security Vulnerabilities
- Top Digital Transformation Trends For 2024
- Everything you need to know about Digital Asset Management
- Improving Enterprise Network Connectivity In The Digitization Age
- Technology for good – How IoT is driving sustainability
- How Blockchain Can Solve AI’s Trust Problem
- Feeling the Heat: The Evolution of Data Centre Cooling
- Grief Tech And Digital Immortality: How Far Would You Go?
- The World’s Craziest Data Centres
