You’ve probably noticed that the way you authenticate your personal accounts is slowly starting to change. Phones can now be unlocked via facial recognition, and many devices and apps can verify your identity using fingerprint technology.
Biometric identification may be the way of the future, but make no mistake, passwords remain the most convenient today. Unfortunately, cybercriminals continue to compromise passwords to gain unauthorized access and to steal personal data that can be used to commit identity theft, online fraud, and cyberattack.
According to Verizon’s Data Breach Investigation Report, 61% of all cyberattacks can be ‘attributed to exploited credentials’», and a study of Avast discovered that 90% of passwords are vulnerable to cyberattacks.
With 15 billion usernames and passwords currently available on the dark webit is imperative that password security and hygiene be a top priority in your personal digital life.
In recognition of World Password Day 2022here are three password security best practices to help protect your accounts from adversaries looking to compromise them for malicious purposes.
Password length matters – but don’t overthink it
As we have already written, it is essential to create strong passwords which cannot be easily guessed by man or machine.
When creating a password, remember that it must be at least 12 characters. To avoid forgetting your password, start with a phrase you’ll remember easily, such as “Hawaiian pizza is delicious,” and add a combination of uppercase letters, numbers, and symbols to make it stronger.
As you can see on this Hive Systems chartthe longer and more complex the password, the more difficult it is for hackers to crack it through a brute force attack, that is, when they try various combinations to correctly guess the password.
However, under no circumstances should you include personally identifiable information, such as birthdays, phone numbers, or parts of your social security number. Cybercriminals can use these details to their advantage in various ways.
Password diversity is essential at home
Having a strong password is a good start, but you can’t stop there. It is imperative that you take the time to create a different password for each of the digital services you subscribe to.
Here’s why: Let’s say your password is “Hawaiian Pizza Is Delicious46?!#.” This is a password that meets all of the above requirements; a sentence associated with capital letters, symbols, numbers and even spaces. If you take that password and use it for multiple apps and services, it would only take one breach before all of your accounts are at risk.
Now let’s take this example a step further and imagine that your password was compromised in a data breach. If a cybercriminal were to get their hands on your password, they would have a master key to breach many of your accounts and the personal data stored in each of them.
Despite these well-known risks, password reuse remains a major problem. LastPass found that 50% of internet users reuse their passwords.
Personal password security can impact work
You should not assume that your personal data is all that is at risk from password reuse. Bad password habits can also leave you vulnerable in the workplace.
Research of SecureAuth found that 44% of individuals use the same password for their work and personal accountsand According to Beyond Identity, 42% of employees admitted to sharing their passwords with others at their workplace.
Which brings us back to our Hawaiian pizza password. If a cybercriminal obtains a password that you used for both your business and personal accounts, then they could potentially gain access to files and confidential data that your business has.
In this scenario, countless people may now be at risk, and your business could suffer financial and reputational damage, depending on the data breach laws in their operating state.
Don’t be complacent with your password security
You might be concerned about having to remember so many different passwords. Luckily, there are plenty of password managers out there to protect all of your login credentials, which you can easily access by entering an encrypted master password. Think of them as a safe and the master password as the key. Just remember the key and you don’t have to remember all your passwords.
In fact, biometric verification is likely to dominate the future. But currently, we still live in a digital world where passwords are the primary guardian of your personal and business accounts.
This World Password Day, recommit to making it harder for cybercriminals to gain access to your valuable sensitive data by strengthening your password security. As noted above, creating secure passwords and protecting them from bad actors isn’t difficult – it just takes a bit of due diligence.
If you’re wondering if your passwords are on the dark web, BlackCloak offers continuous dark web monitoring, where we are looking for credentials that may have been compromised in a data breach. The BlackCloak Concierge team also assists customers by helping them choose a password manager that best suits their needs.
The post office World Password Day 2022: Bad password practices can be costly appeared first on Black cape | Protect your digital life™.
*** This is a syndicated blog from the Security Bloggers Network of Black cape | Protect your digital life™ written by Evan. Read the original post at: https://blackcloak.io/world-password-day-2022-poor-password-practices-can-be-costly/