In today’s digital world, password protection is becoming more important than ever. Most sites require you to set a password using 8 digits, including lower and upper case, at least one number, and a special character.
How secure do you think your password is? Take the password test here.
We recently tested our personal passwords and found that many could be hacked within 10 minutes. Even the stronger passwords were able to be cracked in around 28 days. We used the above link to Password Monster and used similar kinds of passwords – not the exact ones for safety.
Hackers use a variety of techniques to crack your passwords using common password dictionaries that include words phrases and names, substitution attacks replacing letters with numbers and symbols, and checking for sequences of characters. They even check for proximity of characters on the keyboard such as “qwert” or “asdf”.
What can you do?
If, like most of us, you have a growing abundance of passwords for everything from email, social media accounts, online banking, student, work, etcetera etcetera, you probably deal with this in one of two ways.
The first is to create easy-to-remember passwords and reuse them across different sites—a dangerous mistake, but a common one. The second is to enable browser-based autofill features which make us complacent about updating our passwords, and more susceptible to cyberattacks and identity theft.
The smarter choice is to create strong, unique passwords—randomly generated strings of alphanumerics and special characters—for every online account we have. This is the far better choice. But then there’s a new problem: remembering and keeping track of them.
Password Protection using 2 Factor Authentication
At Davidsons, we have recently introduced a platform to help us with this problem. There are a number of solutions out there to assist but we chose Keeper password manager to protect our organisation’s passwords with a secure vault for each employee. The application securely creates and stores strong passwords, that employees can access via 2 Factor Authentication. The 2 Factor Authentication (2FA) is vitally important here as it gives an incredibly secure level of protection for what is an all your eggs in one basket kind of approach.
2 Factor Authentication requires a separate form of communication, usually a phone app, mobile number, or email address separate from the location that you are logging into. This creates a quick confirmation for the intended user but enormous difficulty for an external threat.
As the Cyber Security landscape develops and changes it is important that we also adjust and adapt to protect ourselves. There are many things you can do to better protect yourself and we encourage you to speak to your IT provider or engage one to explore simple things you can introduce to make it safer for you and your organisation.
This article was written by Senior Auditor Ester Heikklia and Auditor Evangeline Vicary.
Disclaimer: this information is of a general nature and should not be viewed as representing financial advice. Users of this information are encouraged to seek further advice if they are unclear as to the meaning of anything contained in this article. Davidsons accepts no responsibility for any loss suffered as a result of any party using or relying on this article.