May the fourth is an important day to us at Next Pixel, and no, it’s not because it’s Star Wars day! The fourth of May marks World Password Day, a day that is dedicated to sharing tips to improve the security of peoples online information through something that may go unnoticed but are vital to your security; passwords.
In this post, we will cover the ins and outs of password safety, and the methods you can use at work and at home to ensure your valuable data is protected and you are safe from cyber-crime.
Password Security & Cyber Crime
We know we are blessed to live in a time where technology is ever growing; all around us new inventions and innovations are taking place. New technology is great for us in the web design industry, but it’s not only people who have good intentions that have access to it. Cyber criminals are finding ways through new and existing technology to attempt to hack people and businesses for their data. In 2015 the ONS estimated that there were 2.46 million cyber incidents, so what better time than world password day to take a moment and ensure you’re doing all you can to prevent this happening to you?
Do’s and Don'ts
World Password Day is all about sharing tips and helping to keep everybody safe, so here are our do’s and don’ts of setting a password;
|Use upper and lower case letters, numbers and symbols to ensure your password is strong||Use anything based on your username or email address for the respective account.|
|Use phrases rather than single words to further the difficulty of your password ever being guessed.||Use keyword combinations, such as 123 or qwerty, these would increase the likelihood of your password being guessed.|
|Make your password personal to you, but not something that a lot of people know.||Use generic words in your passwords, such as hello or okay.|
Passwords can be difficult to think of for any person or business that wants to ensure safety to their account or website. It is good practice to create a password that uses the ‘do’s’ above. A good example would be Create-Your-Password9701. This password would be using upper and lower case letters, a mixture of symbols and numbers, but no combination of numbers that could be guessed, and it is a good length. Try your hand at creating a strong password to ensure security using this helpful online tool – https://howsecureismypassword.net/
Here are some tips from my colleagues at Next Pixel:
Chris Harpin says “I was taught to use a phrase that’s made personal as it’s unlikely to be in a list of popular passwords, something like – MyDadDrivesABlueCar! – Mixed with upper, lower and a character, to make extra secure you could double the phrase and replace numbers with letters such as – MyD4dDr1ves4BlueC4r!MyD4dDr1ves4BlueC4r – No one is going to guess or crack that. That isn’t one of my passwords by the way!”
Rob Bates suggests “The best thing I’ve ever heard to create unique and secure passwords is to think of three random words that don’t really mean anything and put them together. Just write the first three words that pop into your head and separate them with a symbol. No one can guess because the words are completely random!”
Beth Taylor Advises “As well as using memorable passwords, I always try and use a variety of passwords for different accounts. I never use the same password for all of my online accounts.”
Why change regularly?
It may be a good habit to get into to change your passwords every 1-3 months. This is an effective way to prevent anyone who may have got access to your passwords to only have access to your information for a limited time, therefore preventing any large amount of damage.
However, according to a few cyber experts, changing your password so frequently can actually do more harm than good. Imagine having to frequently remember complex, strong passwords for a large number of services? This often leads people to try out generic passwords and change the number; such as Password1, Password2 etc. This is why we encourage choosing a strong, unique password using the tips found in this article.
A password policy is a set of rules in place to ensure computer security by encouraging users to use strong and difficult to guess passwords and use them properly. These rules are often enforced by businesses to their staff, to ensure the safety of all involved. Some of these rules are things such as;
- Changing your password every month.
- Prohibited use of company name or an abbreviation of this.
- Prohibited use of words found in the user’s personal information, such as their username.
Take the opportunity this password day to ensure your businesses accounts are safe and think about using a password policy in the future.
How to make your website safe from brute-force attacks
A brute-force attack consists of an attacker trying many passwords or passphrases with the hope of eventually guessing correctly, or potentially using a computer that does the guesswork for them, meaning your password must be very secure to avoid this working. Here at Next Pixel we use WordFence, a plugin designed to protect the websites we manage from this type of cyber-attack. There are many tools out there that you can use to prevent brute-force attacks, if you feel at threat by this then ensure you are installing a system to protect your passwords from being hacked.
2 step authentication
Finally, a great method of protection when it comes to accessing accounts is a handy thing called 2 step authentication. This is a process that involves an extra piece of verification needed from you before entering your account. This can involve a text message being sent to the phone number of the owner of the account that has a verification code, and once this has been entered you are allowed access. A more commonly known method is ‘memorable questions’ which you will set answers for upon creation of your account, and could be prompted to answer when trying to enter your account. This method prevents anyone that has hacked your password from getting into your account as they cannot pass the second step.
At Next Pixel, we aim to provide long-term support and assistance to all of our clients following the launch of their website. Click here to talk to us about what we can do to help your business.