Are you sure I can’t just continue using passwords?
What’s your most used password? You know, the one you reuse for various logins – for your social media, to access your computer, and for your email account. Is it your name? Your date of birth? Or a combination of the two? Perhaps the names of your children or pet?
Or even worse, do you simply use “123456” or “password”? These two were reported as being amongst the top most used, and least secure, passwords in 2017.*
According to a recent survey* the average person has 27 passwords to remember, which is simply too many to make each unique and safe. The human brain usually doesn’t have the capacity to recall so many passwords, so we simplify them and reuse them. And this leaves us vulnerable to being hacked.
These days many passwords are used to access accounts linked to credit card details and other sensitive information. And when you combine weak passwords with valuable information you can see why cyber criminals are finding their profession to be so lucrative.*
So what are your options?
1. Don’t reuse the same password. The hacker(s) will generally run your username and password combination over all your accounts + thousands of other websites just to see if there are other accounts you might have access to.
2. If you continue to reuse weak passwords many experts feel it is not a matter of “if” but “when” a data breach will occur. Of course using different and complex passwords makes it impossible to remember them all. If you have (say) more than 3 passwords, it may be time to invest in a Password Security solution. You could use password management software such as the popular LastPass and there are many others.
3. Do not log into public WiFi hotspots to access your bank accounts, or any websites where you use your ‘standard’ password. Hackers will use an application that enables them to monitor (your) public Wi-Fi traffic. When you enter your banking credentials, the hacker will be notified and they’ll soon be using your money to buy a trip around the Caribbean.
4. Phishing attacks are the other big one, and they’re becoming quite sophisticated. The ‘fake’ sites, emails, SMS messages or social media links all look extremely legitimate and it’s hard to tell them apart unless you critically inspect the URL (web address). And in some cases they are incredibly similar to the correct address. So unwittingly you’ll click on a fake link and enter your details, which then opens the legitimate site. But as soon as you do, the hackers have loaded malware or a virus onto your computer, they have all your details, and will soon be extracting the contents of your bank accounts.
5. Another type of phishing attack (also perpetrated through the use of a fake website) inserts a key-logger when you click on their fake link. The key-logger software sends all the key strokes (typed information) back to the hacker who can then extract your username and password.
The best idea is to use and invest in multi-factor authentication (often called two-factor authentication, MFA or 2FA), whenever possible. Go with a bank that offers multi-factor authentication. Also, switch it on for your social media accounts. This added layer of security makes you a much less attractive target for hackers, who will move on to the next, and highly plentiful, target.
For information about our world’s best multi-factor authentication solutions visit: https://www.mi-token.com
*Sources:
https://www.itnews.com.au/news/123456-tops-list-of-worst-passwords-again-480378
https://www.buzzfeed.com/josephbernstein/survey-says-people-have-way-too-many-passwords-to-remember?utm_term=.ixqLZJxwD#.ou04QMPrk
http://www.businessidtheft.org/Education/WhyBusinessIDTheft/tabid/85/Default.aspx