I’m sure this isn’t the first time you’ve heard how important it is to use secure passwords online. But here we are in 2018 and “123456” was still the most hacked password of last year. With all the recent security breaches large companies have dealt with, it’s easy to see how anyone could have their online security compromised. That’s why it is so important to create strong, unique passwords for all your online accounts. Nobody wants to have their personal data stolen, or be the reason their company's data is held for a sizable ransom. So why are so many still risking their security by clinging to weak passwords? Let's look at some common reasons and introduce some solutions.
“I don’t have anything worth the effort.”
You don’t have millions of dollars. You don’t have any large secrets someone could blackmail you with. Why do you need a strong password if you have nothing worth all the effort of hacking? Well, there are hackers interested in obtaining whatever amount you hold in your bank account, whether you have $20 or $20 million. Either way, I’m sure there is no amount you want to willingly hand over to a greedy hacker. On top of that, let’s say a hacker is able to get into something that doesn’t hold any high-risk information, like your Facebook account. You might think “Who cares if a hacker accesses the business article I sent my friend this morning?” Never mind that they can pretend to be you and ask your elderly relatives to wire you money for the fake emergency you’re having, they now also have access to any other account you use that password for. Do you use the same password for any sites that would hold more valuable information (maybe some work-related accounts)? Or, could they go through your personal information on your Facebook profile and make educated guesses about what other passwords you may use (for example: your child’s name, pet’s name, birth date, or anniversary)? The point is, that a hacker gaining access to any of your accounts (even your most meaningless subscription) can turn into a bigger problem that affects multiple people.
“My password is so obvious, no one would ever guess it.”
It is worth noting that there is no such thing as a password that is “too obvious” to be hacked. In fact, “password” was the second most-hacked password of 2017. A common way for hackers to uncover their victim’s password is by carrying out a dictionary attack. These utilize lists of compromised and/or commonly used passwords. Their system is able to quickly go through the list, trying different passwords in an attempt to gain access to your system. Here you can find a PDF of the top 100, most-hacked passwords of 2017. While you scour this list for your passwords, please note that it is not difficult for hacking software to get from “password” to “password123” very quickly. So, if you currently use any variation of a password on this list, please change it as soon as possible.
“What’s the point in having a complicated password if I can’t remember it?”
The fear of forgetting is a very common argument against choosing a strong password. Because even if you can keep your data inaccessible to hackers, there’s no point if you can't remember how to access it yourself. Furthermore, those who fall prey to this argument don't usually create unique passwords for each of their separate accounts, for much the same reason. Even if your one password is incredibly strong (as we discussed earlier) all a hacker would need to do is decode your password once and they can get into every online account or system that you possess. The damage they could do with, say, your bank account information is probably even more concerning than forgetting your password. This may feel like a lose/lose situation but there is a solution. With a good password manager, you don’t need to be afraid of forgetting your password and you can create strong passwords for everything.
Are you using your internet browser as a solution?
You have probably noticed that most internet browsers offer to save your passwords for you. If you agree to this, the browser will automatically fill in your login information the next time you visit that website. This seems like a good solution for never forgetting your password, but what keeps a hacker from getting into your system and accessing those saved passwords? In this case, there’s nothing. But if we were able to take this idea one step further and add a layer of protection to this system, we would never forget our passwords and we could keep them safe from prying eyes.
Try this solution!
At CoreTech, we use a password manager called LastPass. With LastPass you are able to save all your usernames and passwords so you don’t forget them and keep them safe with the help of an enterprise secure system and multifactor authentication. All you need to remember is one strong username and password and have one extra way of verifying your identity. This can be done a few different ways: LastPass can send a notification to your phone where you can “Accept” or “Deny” access into the system, they can send you an authentication code via text message or phone call for you to type in, or you can utilize a printable, coded spreadsheet.
Once you log into LastPass your usernames and passwords are saved the first time you enter them, and can automatically appear when you go back to the website.
If you have any concerns outside of what is laid out in this article or if you are interested in creating a LastPass account, please feel free to reach out to us at email@example.com or by phone at 402.398.9580. If you know anyone who is tired of remembering so many passwords or keeping a written record of passwords please forward this article along to them as a great, secure solution is here!