Passwords are the weakest link in today's cyber security

Michael Chertoff


Over the years, password hacking of IT security systems has continued to be a major issue for cyber security teams.

Frank Abagnale, the famous con artist, recently wrote about the need to remove passwords as a form of security.

Usernames and passwords aren't just security methods in place for IT systems and applications – this method of information protection has been around since the 1963s.

Therefore, it's no wonder that this common method of keeping information safe is known all too well by both con artists and cyber hackers.

As far back as 2016, we have seen major breaches as a result of common password attacks. CNBC reported that "passwords are the weakest link in today's cyber security".

Equifax, Target, Yahoo, MyFitnessPal and Panera Bread are just a few of the recent data leaks.

Password Mistakes Can Hit Companies of All Sizes

Massive data leaks come from every type of company and they are increasing in size and frequency every year.

Yet it seems that we have still not learnt the lesson about protecting our own data through good password security.

Common Password Mistakes and How to Avoid Them

1 to 6 and qwerty are still used!

Researchers from Virginia Tech university and security firm Dashlane have analysed 61 million leaked passwords and discovered that 123456 and qwerty are still among the most common password choices.

Not only that, but these easily guessable combinations are probably key to opening up multiple accounts, as the research shows that over half of us reuse passwords.

Stop Using Your Football Club as Your Password

The Dashlane study also suggests that hackers trying to guess passwords could do worse than work their way through the Champions League.

Liverpool, Chelsea, Arsenal, Barcelona, and Manchester United all featured on the Dashlane list.

Maybe the one advantage of being an Accrington Stanley fan is that you have a ready-made obscure password!

Swearing Doesn’t Make Your Password Obscure

If you think you’re being clever or original by using something like a swear word within your password, or referring to an extremely out-of-date or uncool brand, apparently you’re not.

The Dashlane List also found that F***you, Myspace, and Playboy were all used multiple times.

Loved Ones' Names Are an Obvious Password Choice

Using your partner's or a relative's name is not unique, either.

Hackers can trawl your social accounts for siblings, people tagged in photos and so on to get ideas for passwords.

This is an example of being ‘too familiar’ with your password.

How to Protect Your Data and Create Clever Passwords

Strong password discipline is a crucial factor in ensuring your cyber-security.

The key here is not to assume that a choice which feels original makes your password obscure.

Using swear words or the qwerty method isn't a clever or creatively unique way to stay cyber secure.

They are quick ways to get yourself hacked and lose your information.

To protect your passwords and keep your IT data safe and secure, consider these options when devising a password:

Choose a Complex Password

The latest advice is to use three unrelated words that mean something to you (and are therefore memorable to you).

Adding numbers and symbols is also helpful, but the three unrelated words are key.
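As an added example (not code from this article or from Dashlane), the Python sketch below screens a candidate password for the mistakes listed above and builds a three-word passphrase. The denylist, word list and function names are constructed for illustration, and choosing the words at random is this example's choice rather than the article's "words that mean something to you".

```python
import math
import re
import secrets

# Constructed denylist: only the examples named in this article, not a real leaked list.
COMMON = {"123456", "qwerty", "liverpool", "chelsea", "arsenal",
          "barcelona", "manchesterunited", "myspace", "playboy"}
# Illustrative character swaps people use to "disguise" a common word.
LEET = str.maketrans("0134578@$", "oieastbas")
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890")
# Constructed sample list; a real generator needs thousands of words.
WORDS = ["anchor", "biscuit", "cactus", "dolphin", "ember", "fjord", "gravel", "harbour",
         "igloo", "jigsaw", "kettle", "lantern", "magnet", "nutmeg", "orchid", "pebble"]


def screen(password, personal=()):
    """Return the reasons a candidate repeats one of the mistakes described above."""
    raw = re.sub(r"[\s_.\-]", "", password.lower())      # drop separators
    stripped = re.sub(r"[^a-z]+$", "", raw) or raw       # drop trailing digits/symbols
    norm = stripped if stripped.isdigit() else stripped.translate(LEET)
    reasons = []
    if raw in COMMON or norm in COMMON:
        reasons.append("common password")
    if len(stripped) >= 4 and any(stripped in r or stripped in r[::-1] for r in ROWS):
        reasons.append("keyboard or number sequence")
    if any(len(p) >= 3 and p.lower() in norm for p in personal):
        reasons.append("contains a personal name")
    return reasons


def three_words(words=WORDS, n=3):
    """Pick n words with a CSPRNG; return the passphrase and its entropy in bits."""
    phrase = "-".join(secrets.choice(words) for _ in range(n))
    return phrase, n * math.log2(len(words))


if __name__ == "__main__":
    for candidate in ("123456", "Qwerty123!", "L1verp00l!", "Emma2019"):
        print(candidate, screen(candidate, personal=["Emma"]))
    phrase, bits = three_words()
    print(phrase, f"{bits:.0f} bits", screen(phrase))
```

With the 16-word sample list a three-word passphrase carries only 12 bits of entropy; the same function fed a 7,776-word list gives about 38.8 bits, which is why the size of the word list matters more than the added symbols.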

Apple’s latest offering to help keep your information safe is app-specific passwords.

The Apple App-Specific Passwords with iCloud feature is fantastic for creating unique, hard-to-break passwords for individual apps.

By using iCloud, you can ensure that all your Apple devices are linked to these passwords so you don’t have to keep logging in each time you access via a different device.

However, you still need a password for your iCloud account, so be sure to create a ‘complex password structure’ and keep your data safe from hackers.

Use Different Passwords for Different Apps & Websites

If you’re not open to using passwords connected to your individual iCloud or Android account, you can simply create individual passwords for each app you use.

This is especially important for apps such as the one for your bank account.

The issue here is remembering all your individual passwords for each app, especially if you have created complex passwords for these apps.

You’ll need to log these passwords somewhere and keep this file protected and secure.

Install a Password Management App

If you find it difficult to remember passwords, install a password-management app such as RoboForm.

These password management apps are a similar solution to the iCloud app-specific passwords solution by Apple.

The difference here is that these apps vary in their security (for example, some use 256-bit AES encryption or two-factor authentication (2FA)) and in their features (such as auto-form fills, file storage and password sharing).

Dashlane naturally is a strong service provider, and a lot of businesses also use LastPass, another serious contender for one of the best password security solutions around.

Hire an IT Security Company to Train Your Staff

Of all UK businesses, only 27% have had cyber security training according to a survey by Statista.

The scary thing is that this survey is as recent as 2019!

Years on from the advice given by Homeland Security staff and con artists, we still fail to acknowledge the importance of implementing both cyber security systems and cyber security training programmes. This is likely due to improper budgeting for our IT teams' resources.

However, it’s not too late. The majority of IT support companies, both local and nationwide, provide some form of cyber security and training service.