How strong passwords and good practices can help to protect you against hackers.
Now, more than ever, it’s important to set strong passwords and avoid reusing them across multiple accounts. Password managers make this task much more manageable.
Criminals always find a way to take advantage of disasters. A surge in phishing emails and online scams by those who want to steal data has occurred during the pandemic.
Who is being targeted?
Hackers are not only interested in high-value accounts, for example, chief executives and finance directors.
Most of us are far more likely to be victims of automated attacks carried out on an industrial scale. Methods like password spraying and credential stuffing employ many thousands of account details obtained via data breaches and traded online. Thinking ”no-one’s going to be interested in my account” is a dangerous assumption. Free tools like Have I Been Pwned allow searches across multiple data breaches. This allows you to see if any of your email addresses and passwords have been compromised.
Convenience vs security
For too long, convenience has been prioritised over security. Being able to log in with just one set of credentials from anywhere at any time.
The fundamental problems with passwords are that most people are not very good at choosing strong ones. They tend to reuse credentials rather than setting a different one for every account.
Reusing a password, choosing a weak password, or not spotting a phishing email all put users at risk. Once multi-factor authentication/two-factor authentication (MFA/2FA) is set up, there’s a safety net. That’s not to say it’s infallible, MFA can be busted too. But doing so takes extra time and effort to do so, and in many cases, criminals won’t bother. In fact, MFA prevents more than 96% of bulk phishing attempts and more than 76% of targeted attacks, according to Google.
Things to remember
So, the lesson is clear: Use a separate, strong password for every account and turn on 2FA wherever it’s possible to do so. Whether for work-based or personal accounts, or apps like Amazon and WhatsApp, which offer 2FA as an option.