Passwords are essential to your cyber security, but you probably have dozens of them and it's difficult to remember them all. Over time you are prompted to change your password, or you forget one, and rather than create yet another new one to remember, you start using the same password for everything. You are not alone: over half the Internet users in the world have only one password.
Some people also use “password” or “123456” as their logins, or don’t change device default passwords, meaning anyone can pick up a router, for example, look at the sticker identifying the password and access the network.
Cyber criminals can also do a little research about you online and then make informed guesses at your password. Common passwords include pet names, birthdays or anniversaries, all of which are easy to find via your social media accounts.
Criminals can also use brute force: they may script an automated bot to run thousands of password permutations until they get a hit.
Criminals might also work with information from a data breach. 360 million MySpace emails and passwords and 117 million LinkedIn account details have been leaked, and in early 2019 a security researcher found more than 2.7 billion email/password pairs available on the Dark Web.
They can also access your account if you’ve used a hacked public computer on which they have installed a key logger, which records all the keys you press on the keyboard, or if they have compromised a router or server.
Another method criminals may use is phishing. For example, you may get an email that appears to be from your bank but comes from a very slightly different email address that you do not spot. The email will sound very urgent and direct you to what looks like a credible page.
What Can You Do?
All of the above can be frightening and unnerving, knowing that criminals are trying to get their hands on your valuable data by all these different methods, but these handy tips can help keep you safe:
- Be careful what you share on social media. Special birthdays giving your date of birth, nicknames, addresses and where you used to live are an absolute goldmine of information to hackers.
- Avoid obvious passwords. When you must create a new one or update one, steer clear of simple, easily guessed patterns. Use complex passwords with capital letters, numbers and symbols. It might seem complicated, but <character> <word> <something about the site> <numbers> <character> becomes !K1ttyFB75! for example, which is based around the word “kitty” and where FB is for Facebook; just change the FB for something else on a different site.
- You could also use a passphrase rather than a password. A passphrase is a whole sentence with no spaces, typically at least 19 characters long, which means something memorable to you but again is not easily guessable.
- Use a unique password for each site and, although it might seem overwhelming, do not store them on your computer. If hackers do get onto your computer, they will have hit the jackpot. You could use a “password manager”, which is a secure site that will keep your passwords secure.
- Be cautious about your online activity on shared computers or networks you don’t trust.
- Pay attention to who is sending you emails, and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open a browser and type the URL manually rather than clicking the link.
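The password tips above can be turned into a simple self-check. The following is an added example, not part of the original article; the function names and the sample passwords and personal facts are constructed for illustration.

```python
import string
from collections import defaultdict

# The two passwords the article names as common; use a larger list in practice.
COMMON = {"password", "123456"}
# Undo simple character swaps so "R3x" is compared as "rex".
LEET = str.maketrans("013457@$!", "oieastasi")

def normalise(text):
    return text.lower().translate(LEET)

def audit_passwords(vault, personal_facts):
    """Return {site: [findings]} for a {site: password} mapping."""
    by_password = defaultdict(list)
    for site, pw in vault.items():
        by_password[pw].append(site)

    facts = [normalise(f) for f in personal_facts if f]
    report = {}
    for site, pw in vault.items():
        findings = []
        if pw.lower() in COMMON:
            findings.append("common password")
        # Pet names, birthdays and similar facts found on social media.
        if any(f in normalise(pw) for f in facts):
            findings.append("contains personal information")
        if len(by_password[pw]) > 1:
            findings.append("reused on another site")
        # Either mix capitals, numbers and symbols, or use a 19+ character passphrase.
        complex_enough = (any(c.isupper() for c in pw)
                          and any(c.isdigit() for c in pw)
                          and any(c in string.punctuation for c in pw))
        if len(pw) < 19 and not complex_enough:
            findings.append("neither complex nor a long passphrase")
        if findings:
            report[site] = findings
    return report

# Constructed sample data: a pet name and a birth year, plus four made-up passwords.
SAMPLE_FACTS = ["Rex", "1985"]
SAMPLE_VAULT = {
    "bank": "123456",
    "email": "R3x1985",
    "shop": "R3x1985",
    "forum": "purplegiraffesdancequietly",
}
```

Calling `audit_passwords(SAMPLE_VAULT, SAMPLE_FACTS)` flags the bank, email and shop entries and leaves the long passphrase unflagged.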
What to do if Your Password Has Been Hacked
You can check to see if any of your accounts have been compromised by entering your email into a site like “haveibeenpwned.com”. If it reports a breach, you need to change your passwords immediately, all of them. Use the example system described earlier to create a new set. If you are struggling to remember your set of passwords, consider using a password manager, as described earlier, such as LastPass (http://www.lastpass.com).
If you need help changing your passwords or setting up a secure password system, let us know on 01543 889 444 and we’ll be more than happy to help you.