6 Ways to Ensure a More Secure Password in 2020
The World Password Day, the first Thursday of May, which serves as an avenue to sensitize the populace on the importance of building a healthy password habit has just gone by. However, what really matters is what we’ve learnt from it and if we will work to develop the habits expected of us in relation to it.
Truth is, the world is constantly evolving and the same can be said about the digital space. Not even the pandemic, which has recorded more recoveries than deaths courtesy of health workers round the world, has deterred cyber-attackers from engaging in malicious activities. So, the aim of this post is to sensitize the populace on ways to mitigate these attacks and avoid falling prey to it. If such a time in history cannot deter attackers, then it should as well not deter the defenders.
1. Make Use of Non-Alphanumeric Characters
As the name implies, a non-alphanumeric character is any character which is not a number or a letter. Examples include, &, #, * etc. The use of non-alphanumeric character is encouraged because it serves as a medium to counter certain type of attacks on user accounts. Accounts with mainly alphanumeric characters such as 12345, iloveyou, password2 etc. all suffer a gaping hole which can be exploited in a cyber-attack. With non-alphanumeric characters included in your passwords, it makes it tougher, not impossible, to illegally access the user account.
2. Deactivate “Remember Password” in Browser
The “Remember Password” feature is one to easily fall in love with, after all, no one wishes to go through the stress of constantly putting in their password at every time there is a need to access a site. For example, a highly active person on Facebook will dread the thought of always putting in their password to gain access to their accounts, so why not activate the “remember password” feature or “keep me logged in”?. However, in as much as this feature takes off a toll of stress off our backs, letting our browsers store our passwords is a serious threat to user account security, which is because it leads to vulnerabilities on one’s system and can be exploited through illegal access to saved logins or through USB password stealers.
3. Avoid Phishing Links
This never gets old neither does it seem like it’ll fade out soon. Phishing involves sending out bait to a large number of people, with the hope that some users fall for it by giving out personal information which might include their passwords. Some links are so dangerous that a mere click on it can make one fall prey to this scam. However, there is no one-way to avoid being a victim of this scam, but the best bet is to be as careful as possible when clicking on links sent to you. It is advisable to use services such as VirusTotal.com to verify if a link is clean or not, also ask questions such as “who sent this link?” “are there any grammatical errors?” “should i directly call the company to confirm this mail/promo?” etc. Some times, a little bit of paranoia can go a long way in saving a user account.
4. Do Not Use The Same Password Across Multiple Accounts
We’ve heard this multiple times, but for individual reasons best known to each of us, we tend to flout this rule time and time again. Using the same password across multiple accounts puts one at the risk of a huge breach, a sort of domino effect, which is because a successful breach in one account means easy access to every other account owned by the victim. This is the danger of using the same password across multiple accounts, once one is breached, the rest follow suit, all falling like a stack of cards.
Of course, everyone is busy with one thing or the other, and the idea of storing multiple passwords across so many accounts can be tasking, because there’s a danger of forgetting the password to a certain account or out rightly lose access to it. The remedy for this is to employ the use of a password manager, which is created solely for the purpose of helping people store their passwords to multiple accounts and need to only remember one password, the ‘master’ password, which grants access to other passwords created by the individual. Password managers like 1Password, LastPass and Dashlane are recommended. In as much as nothing is 100% safe, you can improve your chances of safety in case of a password manager breach by adding certain non-alphanumeric characters to every password you have in the vault, this characters are not saved in the vault, but in your head, known by you and you alone. So, a breach of your vault still won’t grant access to your accounts because the final characters are not known to the attacker.
5. Routine Check Of Account Activity
Most times, we get so familiar with our accounts that checking certain features in it never occurs to us. The ability to check account activity is very important, as it gives us an idea of what goes on in the account. Sometimes, a victim might not realize what their account has been involved in, ranging from identity theft to other malicious activities, and the resulting danger in this is that the victim can be made to face the consequences of what they know nothing about. At any time it seems there’s suspicious activity in an account, one should immediately change the password and report to the site authorities for further assistance.
6. Secure Recovery E-Mail
After everything needed to secure an account is done, a vulnerable recovery email can be one’s undoing. So while carrying out precautionary measures on the main account, it is best to apply same to the recovery email linked to that account in order to mitigate any possibilities of a breach.
As a matter of fact, cyber-attacks will never stop, and new ways will constantly be introduced to gain illegal access to accounts. However, these six strategies are meant to significantly reduce the possibility of being a victim of these attacks.
