This article has been created for the occasion of Cybersecurity Awareness Month, to encourage users and those interested in the practical and unexpected path of technology to keep abreast of the best ways to protect your data and give yourself a chance on the path of cybersecurity.
The password is one of the most well-known authentication methods since the birth of the internet and personal accounts. Despite the fact that authentication methods are developing other ways to access information and some other methodologies are being discarded, the password never ceases to be an option. We know very well what the purpose of passwords is: to protect data from any unwanted access to the private information we store on the web. Now, the problem lies in the following question: Why even knowing that by setting a password we are protecting our information, we neglect this procedure as if it were a forgotten toy?
Most of the time we forget how important it is to choose passwords with a level of complexity that only we can understand (not that we are going to create cryptographic keys every now and then), that have not so specific words that can remind us of specific details that we, the user and owner of the information, can remember. It is not a task that we may like to perform every week, which has led to a massive neglect in updating and creating secure passwords, but even so, we can consider certain methods that will allow us to improve our security in terms of our existing passwords and for future accounts, which is also a collaborative step to improve cybersecurity in this important environment such as password protection for end users. We are all responsible for the data we store on the internet and must protect it, so warrior, it’s dangerous to go at it alone, take these password hardening tips!
- Create passwords from passphrases (Passphrase): The difference between passphrase and password is that the latter is created from the former. It is a very intuitive method and as mentioned above, it allows you to create secure passwords from details of your life that only you know. Let us see a simple example: A passphrase can be “I have two laptops at home: LeNouveau and BigGuy” which can be converted into a password as follows: Ih2LatH-LN&BG. You have obtained a secure password!
- Use a password manager: Many have probably heard of this password hardening approach for saving and managing passwords, and it really is an excellent option when you have a lot of passwords to store, especially if you are an employee and manage one password per application. This can be tedious. This type of application generates a unique password (or master password) for the user while generating a complex and long password for each application stored or linked to this same application.
- Using a Multifactor Authentication: This is another of the most used methods and perhaps some are not aware of its name, which refers to an additional login process before verifying a user when accessing a web service. Of course, it is not one of the strongest methods, but it does add an extra layer to the security of stored data.
- Do not use credentials on public sites: This is not just a tip; it is a warning. Many people are unaware that public networks can be easily manipulated and because they are publicly accessible, many people access them, without taking into account that there may be an attacker who has also accessed the network with intentions of taking a few credentials to carry out their objectives, so for the love of God, never use services that require you to log in through a public network, you never know who is hiding behind the shadows to get your information. Use sites with secure networks that you trust the most.
With this, Cyberwarrior promotes the safe and proper creation of passwords for all users, as well as the management and use of passwords in secure applications, to prevent our data from being easy targets for attackers prowling the networks. Don’t forget that, by protecting your data with password hardening and effective methods, you are collaborating with the development of cybersecurity from your environment.