Use Longer Passwords
With the rate at which computers can guess passwords , increasing the number of characters can immediately mitigate some risks associated with brute-force and dictionary attacks . A password of 8 characters can be cracked in just a few days versus approximately 4 million years for a similar password of 12 characters . We suggest using a minimum of 10 to 12 characters for all passwords . Just head over to www . howsecureismypassword . net and see how long it would take a modern computer to guess your password .
Vary Your Passwords Among Accounts
While having a longer and stronger password is a good start , it doesn ’ t necessarily mean you are risk-free with online security . When you create a new account online , your password or some derivation of it gets stored in a database somewhere in cyberspace . While we hope that this database remains secure , we are constantly reminded by news of big data breaches , that this isn ’ t always the case . While some sites store your password in an irreversible encrypted manner , others user simpler methods that could be reversed to reveal your true password . If your email address and password are stolen from a less-secure database , attackers will commonly try those same credentials at other sites like Amazon and eBay . If you use the same password for many different sites , a single compromise could leave many of your accounts vulnerable . This reason alone has us recommend utilizing different passwords for different accounts , especially ones of personal and financial significance like email , banking , and online shopping .
Take Advantage of Multi-Factor Authentication
The days of using only a username and password for validating your identity are coming to an end . With the widespread harvesting of stolen account information and rapid ability to guess passwords , the traditional method of authenticating to online sites is no longer secure . Fortunately there is a way to complement the username and password with another way to identify yourself online , but often you have to seek it out . Multi-Factor Authentication ( or MFA ) is something you probably use occasionally and may not even realize it . It is the use of another form of identifying yourself in additional to a username and password . Often this comes in the form of an email or text message with a special security code that you must input after entering the correct username and password . The effectiveness of multi-factor authentication is that it requires verifying both something you know and something you possess before allowing you access to your account . Your username and password is what you know . Your cell phone that receives a text message is something you possess . Many banks and other institutions dealing with sensitive information now require multi-factor authentication , but you may not realize some of the other accounts that do , too . Popular sites like Google ( Gmail ), Amazon , and Dropbox all offer multi-factor authentication , but you have to go into your account to enable . We strongly recommend that you enable and setup multi-factor authentication for any site that offers it . Doing so will exponentially increase your account ’ s security in exchange for the minor inconvenience of an extra step while logging into your account .
Use a Password Manager
A common challenge for even the occasional Internet user is remembering the plethora of usernames and passwords for online accounts . Even the most basic activities online require an account and you can quickly amass dozens or even over a hundred accounts online . How can you possibly keep track of all these accounts , much less do so using unique passwords for each as previously recommended ? While putting all your passwords in one place will inherently introduce some risk , it also may be the best balance between security and usability . A password manager is a piece of software in which you can enter your usernames and passwords for your various online accounts . Many even detect when you visit a site and will automatically fill in your password for you . While convenient , you should scrutinize any software where you plan to store that much sensitive information . We generally recommend a solution that remains solely in your possession like KeePass . This software installs and stores all data on your computer with a master password necessary to unlock your password list . Other alternatives , such as LastPass , store your account information online in an encrypted format . Because it is hosted by another party , you must put your trust in a third-party to handle your account information securely and be available when you need it . Reputable online password managers , like LastPass , will offer multi-factor authentication to open your password list , which you will certainly want to take advantage of .
Conclusion
With cyber-attacks on the rise and increasing numbers of criminals looking for a piece of the multi-billion-dollar-a-year industry of Internet crime , your online identity is becoming ever more at risk and you must work diligently to protect it . Using a lengthy password of at least 10 to 12 characters is a great start , but security breaches can expose even the best of passwords . Using varying passwords for different accounts can help immensely but using multi-factor authentication , if available , may be your best line of defense . Don ’ t take a backseat approach to protecting your online identity . Otherwise , you might just end up wishing you were a sports-playing monkey in a zoo .
Chris Hamm is a senior systems engineer for leading business IT consultant Premier One Data Systems . Visit www . premier-one . com for more information .
12 KANSAS INSURANCE AGENT & BROKER | January-February 2016 |