
March 2021

THE IMPORTANCE OF STRONG PASSWORDS

By Yazdi Tantra
Chartered Accountant
Reading Time 5 mins
We have all been there – any website that we visit wants us to share our email id and insists that we create a userid and password. The normal tendency is to use our regular email id and password on all sites. This is the primary mistake we commit while accessing the online world.
 

At the same time, if you are a business owner and have a website of your own, you need to know the people who visit your website and have their email ids. Besides, you would not like anyone and everyone to access and nose through your website without proper authentication.

 

Unauthorised access to your digital world is a major problem for anyone who uses computers or any other devices, especially if connected to the internet. The effects for victims of these break-ins can include the loss of valuable data, including bank account information, money, or even having their identity stolen. Moreover, unauthorised users may use someone else’s computer to break the law which could put the victim in legal trouble.

 

Surprisingly, although strong passwords are the most important factor in keeping our information secure online, they are also the most overlooked. In 2013, an estimated 90% of all online passwords were considered vulnerable to cracking. It was also found that 70% of people do not use a unique password for each website they access, and more than 33% of users share their passwords with others!

 

Another study showed that a majority of users choose passwords that are trivially easy to guess, e.g. 123456, 'password' or 111111. Using such passwords is suicidal: they sit at the top of every attacker's guessing list and fall on the first few attempts, whatever their length.

 

The following points need to be kept in mind for ensuring your password security:

* Passwords must be long and complex – never use personal information like name of self or spouse, kids, pets, birthdays, etc. They are very easy to guess. Never use common words.

* Passwords should contain at least twelve characters. For example, if a hacker generates 1 billion guesses per second, a 5-character password made up of upper- and lower-case letters (52 possibilities per position) can be exhausted in 0.38 seconds, while a 12-character password from the same alphabet would take about 12,386 years to exhaust! Note that the second figure assumes the twelve characters are random; a dictionary word with a few predictable substitutions is found far faster.

* Passwords must have at least one upper case, one lower case, one numeric and one special character (like !@#$%^&) each.

* Never write down passwords, as that makes it easier for the passwords to be stolen and used by someone else.

* Never use the same password for two or more devices, as someone who breaks into one machine will try to use the same password to take control of the others.

* Never use the same password on multiple sites, especially banking or transactional sites.

* Change your passwords periodically, preferably once in six months, and immediately whenever a site you use reports a breach or you suspect a password has leaked.

* Use a good password manager (like LastPass) to manage all your passwords, since it is impossible to remember so many unique ones. Protect the manager itself with a long master password that you use nowhere else.
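As an added illustration, not part of the original article, the following Python script reproduces the brute-force arithmetic behind the figures above and applies it to sample passwords. It assumes the article's rate of one billion guesses per second; the character-class sizes and the small list of common passwords are constructed for the example, and the reported time is an upper bound (dictionary and personal-information guessing finds weak passwords much sooner).

```python
# Added example, not from the article: the brute-force arithmetic behind the
# "1 billion guesses per second" figures, applied to sample passwords.
# Character-set sizes are the usual printable-ASCII classes; the list of
# common passwords is a tiny constructed sample for illustration only.
import string

GUESSES_PER_SECOND = 1_000_000_000
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed sample of the trivially guessable passwords the article names.
# A real checker would use a full breached-password list.
COMMON_PASSWORDS = {"123456", "password", "111111", "qwerty", "123456789"}

CHARSET_SIZES = (
    (string.ascii_lowercase, 26),
    (string.ascii_uppercase, 26),
    (string.digits, 10),
    (string.punctuation, len(string.punctuation)),  # 32 ASCII symbols
)


def charset_size(password: str) -> int:
    """Size of the smallest union of standard classes that covers the password.
    This is the alphabet a mask/brute-force attack would have to iterate."""
    return sum(size for chars, size in CHARSET_SIZES if any(c in chars for c in password))


def keyspace(charset: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` over `charset` symbols."""
    return charset ** length


def crack_seconds(charset: int, length: int, rate: int = GUESSES_PER_SECOND) -> float:
    """Worst-case time to exhaust the whole keyspace at `rate` guesses per second."""
    return keyspace(charset, length) / rate


def crack_years(charset: int, length: int, rate: int = GUESSES_PER_SECOND) -> float:
    """Same bound expressed in years (365.25-day years)."""
    return crack_seconds(charset, length, rate) / SECONDS_PER_YEAR


def estimate(password: str, rate: int = GUESSES_PER_SECOND) -> dict:
    """Classify a candidate password: a known common password is cracked on the
    first guesses regardless of length; otherwise report the brute-force bound.
    The bound is an upper limit: names, dates and dictionary words fall sooner."""
    if password.lower() in COMMON_PASSWORDS:
        return {"charset": 0, "length": len(password), "seconds": 0.0, "years": 0.0,
                "verdict": "common password, guessed instantly"}
    cs = charset_size(password)
    secs = crack_seconds(cs, len(password), rate)
    yrs = secs / SECONDS_PER_YEAR
    verdict = "acceptable" if len(password) >= 12 and yrs >= 100 else "too weak"
    return {"charset": cs, "length": len(password), "seconds": secs, "years": yrs,
            "verdict": verdict}


if __name__ == "__main__":
    # The article's two figures: letters only (26 + 26 = 52 symbols).
    print(f"5 letters : {crack_seconds(52, 5):.2f} s")       # 0.38 s
    print(f"12 letters: {crack_years(52, 12):,.0f} years")   # about 12,386 years
    for pw in ("123456", "Mumbai2021", "Tr0ub4dor&3", "correcthorsebatterystaple"):
        print(pw, "->", estimate(pw)["verdict"])
```

Running the script shows where the article's 0.38 seconds and 12,386 years come from (a 52-letter alphabet at lengths 5 and 12), and that a 5-digit numeric PIN is exhausted in a ten-thousandth of a second. The `estimate` function also shows why length beats complexity: a 25-letter passphrase of lower-case words has a far larger keyspace than an 11-character mix of all four classes.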

 

Passwords are undoubtedly essential to security, but they are not the only method that can or should be used to protect one's computers and devices. In addition to creating a good password, Windows 10 offers Windows Hello, which signs you in by face recognition, fingerprint or a device PIN (laptop makers such as ASUS and HP build compatible cameras and sensors into their machines). Windows Hello is certified for the FIDO (Fast Identity Online) standard: the biometric template stays on the device and only unlocks a key stored there, so your face or fingerprint is never sent to a website. Many laptops have fingerprint and / or iris recognition devices as well, which provide an additional layer of security for your devices.

 

SECURITY FOR MOBILE DEVICES

On mobile devices, a PIN or passcode is used. This is like a password for a computer, but it may be as short as four digits; choose six or more, and avoid anything personal or easily guessable such as a birth year or 1234. Passcodes for devices should also be set to time out after a short period of time. On time-out, the code will then need to be re-entered. Ideally, the timeout should occur in no more than ten minutes, although shorter periods between time-outs are best. Besides, these days many phones offer fingerprint and face unlock, which are convenient and do not weaken security as long as the PIN that backs them up is itself strong.

 

2 FACTOR AUTHENTICATION (2FA)

The use of 2 Factor Authentication (2FA) adds another layer to your security. Almost every large / reputed site you visit offers this option. To enable 2FA, you need to download an app like Authy or Google Authenticator. Most sites also offer codes by SMS, but an authenticator app is preferable, because SMS messages can be intercepted or diverted by a SIM-swap fraud against your mobile number.

 

In the case of Google, for example, once you have the app installed, go to your Google / Gmail account (myaccount.google.com/security) and look for 2-Step Verification. Once you enable it and link your phone to your Google account, every time you log in to your account from a different device, in addition to your password, it will also ask you for the 2FA code. You will have to open your Authenticator app, read the six-digit code shown there for Google and enter it when prompted on your computer. The code changes every 30 seconds and can only be produced by the app that holds the secret set up on your phone, so even if your password is hacked, the hacker cannot get into your account without it. When you enable 2FA, the site also shows a set of one-time backup codes; store them safely (for example, in your password manager), because you will need them if you lose the phone. Similarly, for your Amazon account, go to your account, Login & security, enable 2-step verification and follow the same process as prompted. Facebook has similar options under Settings & Privacy, Settings, Security & Login, Two-Factor Authentication.

 

The online world is dangerous and unforgiving. Sensible use of passwords, face recognition, 2FA all add to your security levels and allow you to conduct your online affairs safely. Stay safe, stay protected in this hazardous world by using the above tools sensibly and effectively.

 

Happy Browsing!
