Welcome to CyberHygiene, our weekly newsletter, where we share tips and actionable data to help everyone stay safe online.
First time seeing this? Please subscribe.
Are you guilty of using the same password for multiple accounts? Discover the dangers and how to fix it in the latest edition of my newsletter CyberHygiene.
But first, why should you care about passwords?
A password is a secret code that verifies the identity of the person who is trying to access an account or system. Passwords are the primary method of authentication for most online accounts, including email, social media, banking, and shopping accounts. If someone gains unauthorized access to an account or system, they can steal personal information, compromise sensitive data, and conduct fraudulent activities.
A report published by NordPass in 2021 found that the average person has around 100 passwords. That’s way too many to remember and that leads many people to use easy-to-guess passwords or reuse the same password across multiple accounts.
Unfortunately, weak passwords are still a widespread problem. They make it easy for hackers to guess or crack passwords and gain access to accounts. 80% of hacking incidents are caused by stolen and reused login information according to Verizon. In addition, many people also fall prey to phishing scams that trick them into revealing their passwords.
As a regular internet user, you’re 1 click away from getting hacked if you don’t take passwords seriously and you don’t start following the best practices today.
Keep reading to discover the latest tools and techniques for creating and managing passwords, and for keeping your accounts secure.
1. How have passwords evolved over time?
2. What are the top threats to passwords?
- Cybercriminals can use software to crack passwords by guessing combinations of characters until the correct password is found. This is why it’s important to use strong, complex passwords that are difficult to guess.
- Phishing and social engineering attacks are designed to trick users into giving away their login credentials by imitating a legitimate website or service. Once the cyber criminal has obtained the username and password, they can use it to access the account. For example, they may pose as a tech support agent and ask for the user’s password to fix an issue.
- Keylogging is a method of recording every keystroke on a computer, including passwords. Cybercriminals can use keylogging software to steal login credentials without the user’s knowledge.
- When a company or service experiences a data breach, it can result in user login credentials being compromised. Cybercriminals can use these stolen passwords to access the affected accounts.
- Brute force attacks involve using software to try every possible combination of characters until the correct password is found. This method is time-consuming but can be successful if the password is weak.
3. How to protect your passwords from hackers and cybercriminals?
4. What to do if your password is compromised or stolen?
- Change your password immediately
- Check for any unauthorized activity
- Update your other passwords
- Enable two-factor authentication (2FA)
- Monitor your credit reports
- Consider using a credit monitoring service
- Be cautious of phishing scams
5. What resources are available to help you handle better your passwords and online credentials?
1) Books
- Implementing Multifactor Authentication: Secure your applications from cyberattacks with the help of MFA solutions – by Marco Fanti
- The 2023 Report on Multifactor Authentication: World Market Segmentation by city – by Prof Philip M. Parker Ph.D.
- The 2023-2028 World Outlook for Multifactor Authentication – by Prof Philip M. Parker Ph.D.
- Multifactor Authentication A Clear and Concise Reference – by Gerardus Blokdyk
- The Zero Trust Framework: Threat Hunting & Quantum Mechanics – by Ravindra Das
- Cloudifier mail and storage solution with single sign-on (SSO): One platform, many services – by Wassim Fares
2) Courses
- Hands-On Password Attacks – by Future Learn
- Password and Authentication – by Infosec
- PROPER PASSWORD MANAGEMENT – by Skillsoft
3) Certifications
- GIAC Security Essentials (GSEC) – by GIAC
- Information Security Fundamentals (GISF) – by GIAC
- Certificate of Cybersecurity Awareness (CCSAP) – by 4MedPro
4) Documents
- The State of Password Security 2023 Report – by Bitwarden
- CIS Password Policy Guide – by CIS
- 2022 State of Passwordless Security – by HYPR
5) Podcasts
- Cybersecurity Sessions – by Netacea
- Security Sessions Podcast – by Thales Security Sessions
- The Next Phase of Cybersecurity – by EM360
For more content about Passwords and Credentials, visit:
https://ancient.cybermaterial.com/credentials
Subscribe and Comment.
Copyright © 2023 CyberMaterial. All Rights Reserved.
This article was written by Marc Raphael with the support of:
Team CyberMaterial, Sofia C. V., Nicolás Peña, Fabino R. Darius, Enrique Mendoza T.
Follow us on:
LinkedIn, Twitter, Reddit, Instagram, Facebook, Youtube, and Medium.