The days of basic online security are long gone. As our reliance on the internet has increased, so too has the level of threat and the associated criminal activity.
Brute force attacks, largely unsecured accounts, and weak passwords all contribute to poor digital security, and it could mean your personal and financial information is easy for threat actors to uncover.
Security Guide To Safer Logins And Passwords
Keeping your login details and passwords secure in 2021 and beyond is a matter of choosing the right passwords, opting for secure authentication methods, and using privacy software. To help get your basic security protocols in order, we’ve compiled a concise guide to login and password safety.
Step 1: Use a password manager
In 2021, most of us will have upwards of 30 different online accounts, and many of these are linked to our financial information. CSO reported that in 2020, some of the most common passwords included “qwerty” “password” and “12345” – all of these are easy to guess and simple to hack. If you’re using a similarly weak password, it’s time to make some changes.
These passwords just don’t cut the mustard anymore, even if they’re easy to remember. In addition, you shouldn’t repeat passwords across accounts.
Remembering 30 or more long and complex passwords is a feat best reserved for those with a photographic memory. For the rest of us, mere mortals, a password manager is the only way to commit all our log-in details to memory.
With these programs, you log into your manager with a single long password or passphrase, then the program will automatically log you into your accounts when you’re online, making it easy to get stuff done and keep your details secure.
Most password managers have an in-built password generator, so you don’t even need to come up with complicated passwords.
If you’re reluctant to use a password manager, remember the following password rules.
- Make them long, ideally 12 characters or more.
- Do not include personal information.
- Make your passwords complex with a mix of numerals, upper and lower case letters, and special characters.
Step 2: Log in to accounts from secure and trusted networks only
In an ideal world, every WiFi network you encounter is safe and secure. Still, the reality is that many networks are a cybersecurity disaster zone and are riddled with digital threats. For instance, a study by security experts Coronet revealed that most public airport WiFi networks in the US posed a significant risk to travelers and their devices.
From APR poisoning to wireless phishing and many more in between, lax cybersecurity in airports means unsecured WiFi networks are providing attackers with a very useful vector.
As most people are not cybersecurity experts and cannot tell whether a network is to be trusted or not, privacy software is a must when connected to public WiFi networks. Using a VPN (Virtual Private Network) means adding a layer of security to your device and data.
VPNs create private browsing networks that make your online activity undiscoverable and in the process, encrypt your traffic. If you must use open WiFi networks, be that in an airport in the city center, always turn your VPN on first.
Step 3: Always choose two-factor or multi-factor authentication
One of the easiest ways to create more secure accounts is to take advantage of two (2FA) or multi-factor (MFA) authentication. When you log into an account and use MFA, you will enter your password as normal, but then you need to supply a secondary authentication method that confirms that you are the holder of the account holder.
Many people choose to use 2FA authentication and receive a text message on their mobile. However convenient this might be, there is a growing awareness that text message authentication has some significant downfalls.
In 2016, Wired magazine reported that “SMS text messages are often the weakest link in two-step logins.”
More sophisticated authentication options include biometric verification (thumbprints and/or facial recognition), an email, or a security question.
Most platforms now offer 2FA and MFA as standard, but if you have accounts without this extra layer of protection, you should look into dedicated multi-factor authentication apps and software.
Many of these are free of charge, but choose your provider wisely and look into reviews before you sign up for free authentication services.
Step 4: Consider a security key for your most important accounts
A security key is an excellent way to add more protection to your most sensitive accounts. As with MFA, security keys provide an additional layer of protection against hackers, but unlike MFA measures, security keys are physical hardware.
These secondary devices, which often take the form of a USB stick, are used in conjunction with your main device. If the key is not in place, you can’t complete log-ins or access saved data.
Follow the four steps above to secure your login and password security practices and keep your sensitive data safe in 2021 and beyond.