World Password Day: The ‘key’ to your treasures

World Password Day:  The ‘key’ to your treasures


3 May 2018 – Thursday, May 3 is World Password Day, an annual event that takes place around the world to raise awareness of the importance of strong passwords and best practices for online account security. With the continuing proliferation of cyberthreats, it’s a timely reminder that one of the most effective steps people can take, online, to protect themselves and the companies they work for is also one of the simplest.

Nick FitzGerald, Senior Research Fellow at ESET, said, “Regardless of how passwords are stored, if users choose simple or easy-to-guess passwords, then they’re still at risk of being hacked.”

Brute force password cracking, where a trial-and-error method is used by an application to decode encrypted data such as passwords, may have seen KrisFlyer frequent flier miles drained from the user accounts of Singapore Airlines’ passengers.
Simple passwords aside, another poor practice is re-using the same password. Users run the risk of having multiple accounts compromised should a hacker get lucky on just one platform.

“World Password Day aims to stop these behaviours and to encourage all computer users to strengthen their password practices. It’s also worth considering two-factor authentication so that, even if a hacker guesses the password or obtains it via phishing, they still won’t be able to access the account without entering a code that is, for example, sent to the user’s mobile phone.” FitzGerald emphasises.

While there is increasing awareness of the importance of creating strong passwords, people still feel overwhelmed by both the number of devices they have to manage and passwords they have to remember.

Here are five key ways that people can strengthen their password behaviour without having to commit long, complex passwords to memory:

1. Close all accounts that aren’t regularly used. Closing old accounts and maintaining just one account on each social media platform can help protect users’ privacy, especially if they contain sensitive information.

2. Treat accounts differently. Some accounts contain important or sensitive data while others don’t. For those with important data such as bank accounts, health information, and the like, it’s essential to create long and unique passwords. For those that don’t have important data, a shorter, simpler password may suffice.

3. Use a passphrase instead of a password. A passphrase is a sentence that’s easy to remember and contains uppercase and lowercase characters, some punctuation and/or special symbols, and numbers. These are most effective for users to remember, but don’t include famous quotes from movies, songs or books, since these can be easy to guess or obtain from social media.

4. Use a password manager. A password manager is a tool that encrypts and stores all account passwords and is accessed by a single, master password. This lets users concentrate on remembering just one complex password or long passphrase, instead of potentially dozens.

5. Enable Two-Factor Authentication (2FA) where possible. 2FA identifies the user to a service provider by providing a combination of at least two different authentication methods. These may be something that the user knows (like a password or PIN), something that the user possesses (like a hardware token or mobile phone), or something that the user is (like a fingerprint or iris scan). 2FA offers greater account security by requiring the user to authenticate their identity with more than one method. Opt for 2FA login methods for your email and social media accounts for greater security.
FitzGerald said, “Passwords are crucial to security. It’s also important to keep operating system or application software on all devices up to date, since updates often include security patches that will protect against new threats. Taking these simple steps can help keep individuals and companies safe online.”

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit www.eset.com or follow us on LinkedInFacebook and Twitter.




For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
SHARE
    Blogger Comment
    Facebook Comment

0 comments: