Your login is the single most crucial point of failure in a secure system. However, much of this risk can be reduced by taking several simple steps that each help harden your verification procedures.
Below we take a look at some of the foundational ways you can bring your cyber-security up to scratch where it needs it most.
Password Vaults
A password vault is a piece of software, such as LastPass, NordPass, or Apple Keychain, that collates all your sensitive login information into one place.
What’s more, these programs come with autofill scripts that let you log in to any of your services quickly, using the confidential information stored in the vault, with a minimum of hassle and a much higher level of security.
For one, because these vaults fill in your credentials automatically, you do not have to type your passwords in.
This is beneficial, especially if you find yourself using a public computer or network. The reason for this is that certain types of malware, such as keyloggers, are designed to record keypresses.
If a keylogger is recording the keyboard you’re using to type a password, it has successfully recorded that login data.
The same goes for entering credit card information on public computers, something else that can be stored in a password vault.
These programs encrypt the data they store and can be configured to require two-factor logins, ensuring nobody but you can gain access to their contents.
Most vaults will also suggest and generate strong passwords for you, such as those discussed below.
Two-Factor Logins
This type of login has been growing in popularity for a number of years and is used by people for all manner of logins, from their social media accounts to the security features of their finances.
Simply put, two-factor logins require a user to confirm their identity from two separate sources in order to gain entry.
This can be a combination of passwords, or a password in addition to biometric data, such as that recorded by the fingerprint scanners or facial recognition software on most modern smartphones.
Another form of two-factor identification is the SecurID token, devised by American cyber-security company RSA.
It is used by organizations that require additional security due to their handling of sensitive information, such as gaming platform PokerStars, and the aeronautics firm Lockheed Martin.
It uses a special PIN decryption protocol that requires users to input a private PIN into an interface that rearranges the layout of the keypad with each use.
This makes it extremely difficult to replicate a login as, were someone to witness where on a keypad you pressed, they still wouldn’t be able to gain entry.
This also prevents keyloggers from capturing this data.
Strong Passwords
There are many factors that go into making a strong password. The most fundamental is length: the more characters a password is composed of, the more potential combinations of numbers, letters, and symbols it could consist of.
This makes it much harder to crack using malicious software. For example, a password made of 12 numbers has over 479 million combinations, whereas a password of only 6 numbers has a mere 720.
Using a combination of upper and lower case letters, as well as numbers and permitted symbols, is the best way to ensure your password is strong. Aside from this, making sure your password cannot be guessed easily is important.
The most used passwords on the internet are also the easiest to remember, and the easiest to crack, accordingly.
Nord releases a yearly list of the most common passwords used globally, as well as the time it takes for an algorithm to guess them.
2020’s top 5 were as follows: #5 – password, #4 – qwerty, #3 – 12345, #2 – 123456789, #1 – 123456.
All of these were cracked in under 1 second. It goes without saying, if your passwords resemble these in any way, then you should address this issue immediately.
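The arithmetic behind the length argument and the common-password list above, as an added example that is not part of the original article. It counts possible passwords as alphabet size raised to the length (10^12 for 12 digits, 10^6 for 6), shows that 479,001,600 and 720 are 12! and 6! (the orderings of distinct symbols), and checks candidates against the five passwords listed. The guess rate and the sample passwords are assumptions constructed for the example.

```python
import math
import string

# The five most common passwords of 2020, as listed in the article.
COMMON_PASSWORDS = {"password", "qwerty", "12345", "123456789", "123456"}
# Assumed attacker speed (constructed figure, not from the article).
GUESSES_PER_SECOND = 1e10
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def orderings(n):
    """Ways to arrange n distinct symbols with no repeats: n!."""
    return math.factorial(n)


def keyspace(length, alphabet):
    """Possible passwords of this length when symbols may repeat."""
    return alphabet ** length


def alphabet_size(password):
    """Size of the alphabet formed by every character class the password uses."""
    known = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Characters outside the four ASCII classes count once each (a lower bound).
    other = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return known + len(other)


def assess(password, guesses_per_second=GUESSES_PER_SECOND):
    """Deny-list status plus the worst-case cost of exhaustive guessing."""
    size = keyspace(len(password), alphabet_size(password))
    return {
        "denylisted": password.lower() in COMMON_PASSWORDS,
        "keyspace": size,
        "bits": round(math.log2(size), 1) if size > 1 else 0.0,
        "worst_case_seconds": size / guesses_per_second,
    }


if __name__ == "__main__":
    print("12! =", orderings(12), " 10^12 =", keyspace(12, 10))
    print(" 6! =", orderings(6), "  10^6 =", keyspace(6, 10))
    # Constructed sample passwords.
    for pw in ["123456", "qwerty", "x7#Kq9!mZp2$"]:
        print(pw, assess(pw))
```

A deny-listed password should be rejected whatever its computed keyspace, because guessing tools try known passwords before they enumerate anything.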