How To Secure Your Passwords and Logins In 2021
According to the Ponemon Institute's research, people on average use one password across five separate accounts. This can decrease the password's security level and increase the probability of a password breach. Most alarming of all, the most common way to store a password tends to be memorizing it, and the second favorite is writing it down on a sticky note. These kinds of practices tend to be extremely risky, and if used in a workplace, they can harm the business and bring irreparable damage to all involved parties.
Technology was a lifesaver during the pandemic, helping to ensure the continuity of people's usual activities and practices. With most employees working remotely, companies had to put more thought into their security and privacy strategy. They are starting to grasp the shortcomings of simple password protection, and they're trying to secure their systems on multiple fronts. As a consequence, 2021 has been the year of multi-factor authentication and biometrics breakthroughs. Face and voice recognition and fingerprints have become a standard part of the modern security game, and more and more banks and other companies are starting to use a retina scan in their authentication strategy. On top of that, Microsoft has recently revealed that 90 percent of their employees completely switched to a passwordless system. Therefore, we can expect biometrics to completely take over the authentication arena in the next few years.
How to secure passwords and logins
A reliable security strategy is a serious business. That's why we came up with a list of crucial steps everyone must keep in mind when securing their passwords and other login data.
1. Use Multi-Factor Authentication
Using multi-factor authentication is slowly becoming a gold standard in the security realm. Since good old passwords are becoming outdated and are no longer secure enough, users need more refined mechanisms to layer their security strategy according to their unique preferences and requirements. Multi-factor authentication, or MFA, requires more than one authentication factor to gain access to the account. These authentication factors are usually divided into three categories:
- The things you know (password, security question, PIN),
- The things you have (phone, credit card, token),
- The things you are (fingerprint, voice, face).
To gain safe access to the account, the user needs to include factors from all three groups. This kind of security mechanism relies on the assumption that someone who wants to access the account has only a slight chance of figuring out all three (or even more) factors needed to enter. It usually means that the user has to come up with a strong password, then enter a unique code, and give final permission with a fingerprint.
2. Use a VPN
A VPN service can be a great addition to a well-designed protection arsenal. Security.org published research stating that 49 percent of people use a VPN for security reasons, and 40 percent listed privacy as their top priority.
Those who find themselves using public WiFi from time to time have to be especially cautious because public networks tend to be an excellent opportunity for stealing data. Hackers can often interpose themselves between the user and the network provider and collect sensitive data in transfer.
A Virtual Private Network (VPN) will connect the user with a VPN server through an encrypted tunnel, protecting them from possible intrusions from malicious third parties.
Since a VPN encrypts all the data in transfer, it will encrypt passwords as well.
Moreover, it can be pretty helpful in protecting online identity in general. This tool will hide an actual IP address and assign a new one that can't be traced back to the original user. This way, internet users can enjoy more freedom while browsing.
3. Use a different password for every account
People tend to be lazy when it comes to passwords. The most common scenario is when users make up a password that's easy to remember, and they use it across multiple professional and personal accounts. This kind of practice can severely jeopardize sensitive information since entering one account could potentially lead to breaking into multiple accounts. In addition to that, when choosing a password, there are some practices that could increase the overall security of the account:
- Don't use your name, the name of your pet, or your relatives,
- Don't use any personal information (address, birth date, anniversary date),
- Don't choose numerical passwords (e.g., license plate number),
- Don't use gibberish phrases (you'll forget them),
- Use a combination of numbers and letters,
- Use a mix of lower and upper case letters and symbols,
- Use something obscure - a combination of unrelated words.
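The rules in this list, together with the one-password-per-account advice, can be checked mechanically. The following is an added example, not part of the original article; the vault contents, personal terms and word list are constructed samples, and a real word list needs thousands of entries.

```python
import re
import secrets
from collections import defaultdict


def audit_password(password, personal_terms):
    """Return the rules from the list that this password breaks (empty = passes)."""
    findings = []
    lowered = password.lower()
    for term in personal_terms:  # names, pets, dates, address fragments
        if len(term) >= 3 and term.lower() in lowered:
            findings.append(f"contains personal information: {term}")
    if password.isdigit():
        findings.append("numeric only")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        findings.append("needs both lower and upper case letters")
    if not re.search(r"\d", password):
        findings.append("needs a number")
    if not re.search(r"[^A-Za-z0-9]", password):
        findings.append("needs a symbol")
    return findings


def find_reuse(vault):
    """Return groups of account names that share one password."""
    by_password = defaultdict(list)
    for account, password in vault.items():
        by_password[password].append(account)
    return sorted(sorted(names) for names in by_password.values() if len(names) > 1)


def passphrase(wordlist, words=4):
    """Unrelated words chosen with a CSPRNG, joined by a symbol, plus a digit."""
    picked = [secrets.choice(wordlist).capitalize() for _ in range(words)]
    return "-".join(picked) + str(secrets.randbelow(10))


# Constructed sample data for illustration only.
PERSONAL_TERMS = ["Rex", "1987"]
WORDLIST = ["coral", "anvil", "tunnel", "maple", "quartz", "lantern", "pickle", "orbit"]
VAULT = {
    "email": "Summer2021!",
    "bank": "Summer2021!",
    "forum": "coral-Anvil-tunnel-7",
    "shop": "rex1987",
}
```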
If, for some reason, you still don't want to put your trust into the hands of a password manager, and you like to write all of your passwords down, buy a separate diary or a notebook for that, put down all your sensitive information and store it somewhere safe. Think of a place where you keep your passport and birth certificate.
4. Use a password manager
Even though humans tend to pride themselves on being the most intelligent living beings on the planet, our memory tends to be quite flawed. That's the main reason why a password manager is the best option when it comes to keeping your accounts safe and sound.
There are a few types of password managers you can choose - locally installed or offline password managers, web-based or online ones, and token-based password managers. The locally installed managers keep the passwords on the device in a separate encrypted vault. This kind of manager tends to be quite tricky to use across different devices since the account sync can be challenging to set up. Also, it's crucial to have a backup because if the device breaks down, it could result in permanent data loss.
Online password managers are the most popular ones, and they store passwords in the cloud. The password manager encrypts the passwords on the device before sending them to the server, ensuring your credentials' absolute discretion and safety. Also, it's much easier to sync the vault across the devices than with the offline password manager.
The third option is the token-based managers that include a physical device like a USB stick or a token to store encrypted passwords. The most significant advantage of token-based managers is that they're not connected to the internet, making them less exposed to cyberattacks.
5. Use security tools to secure your online activities further
Since privacy and security have a higher value in the post-Snowden era than ever before, people are becoming more tech-savvy. They are looking for new and improved ways to protect their online presence. Hence, today, various services and tools can successfully encrypt the data and ensure a safe transfer regardless of location and imposed restrictions.
The saying 'There is no such thing as a free lunch' proves to be especially true among email providers. Even though Gmail may be free, it harvests your data in exchange for the service it offers.
For those looking for a safer and more private alternative to standard email providers, ProtonMail is a go-to option. ProtonMail offers end-to-end encrypted emails, which means that the communication between the users stays personal and potential eavesdroppers can't have a piece of it.
Similar to Gmail, web browsers store the users' data as well. They like to keep track of their users' location, interests, the people they communicate with, what they watch and share on social media, etc. The best way to avoid browser trackers is to switch to Tor. Tor Project is a software package made by an anonymous group of privacy enthusiasts that gives access to a private web browser that won't track web searches or store the metadata.
Signal is a messenger app designed to keep your conversations safe and sound by implementing end-to-end encryption. Like all the other tools and services that use encryption, Signal will encrypt the messages and leave them available only for app users. Furthermore, any third party who happens to stumble upon your messages will not be able to read them. Keep in mind that messages sent to people who don't use Signal will not be encrypted.
6. Never leave your device unattended and unprotected
This one should go without saying, but a considerable number of people tend to leave their devices in plain sight when they're taking a break and when they're stepping out of the room. Carrying a laptop with you can be tricky, but it's essential to keep an eye on the devices at all times. Locking the computer with a secure password before leaving the office is an additional way to avoid potential intrusions and data theft.
Considering that the war against cybercrime will become even more demanding, internet users need everything in their power to respond to hackers' heavy artillery. Education and familiarizing oneself with security and privacy mechanisms should be the first line of defense. That being said, there is no one-size-fits-all approach when it comes to cybersecurity. Every successful security strategy should be customized to specific needs and preferences.