World Password Day: #LayerUp Your Login
Your online accounts are always at risk of being compromised, however, there are steps you can take to minimise this risk. Today (May 4th 2017) is World Password Day, so we want to do our part in spreading best password practices by helping you secure all of your online accounts in four easy steps.
Take the #LayerUp pledge at: https://www.passwordday.org
Step 1. Creating a strong password
There are bots all over the internet that attempt to crack passwords through brute forcing. This is an automated attack that attempts to crack a password by testing every possible combination. This is why having a long and secure password is incredibly important. A short password can be cracked in seconds, whereas a long password may require many more attempts.
It’s also important not to use common passwords, words or phrases, as these are vulnerable to dictionary attacks and can be cracked instantly. This is similar to a brute force attack, however, it attempts to crack passwords by using a predefined list of passwords.
Length is incredibly important for a good password — additionally, it should include both capital and lowercase letters as well as numbers. One of the best ways to create a password is by randomly generating it — this is one of the most secure methods and is useful if you aren’t very creative when it comes to making strong passwords. Another option is to use a passphrase and substitute some letters with a number or special character. For example, “R0lling1nTh3C4sh”. since passphrases are both secure and easy to remember. And obviously, don’t use a password like qwerty or 123456 — surprisingly, these are some of the most common passwords and will get your account compromised instantly.
Troy Hunt(an Australian web security expert) also wrote about the importance of maintaining proper password etiquette in his article; The only secure password is the one you can’t remember.
Step 2. Use a different password for each account
Sometimes password security is out of your control, website databases get hacked on a daily basis (30,000 websites a day according to Forbes). Not all companies value security, some store your password in plain text or use weak encryption algorithms. At Shockbyte security is one of our top priorities and all passwords are securely encrypted.
It is very important to use a different password for each account because if you use the same password for every account you have online then only one has to become compromised for your whole online presence to come crashing down.
It’s not easy to remember multiple passwords, so in the next step, we’ll explain password managers which can help with managing different passwords.
Step 3. Use a password manager
Password managers securely store all of your account passwords so that you can use long, generated and unique passwords for each of your accounts without having to remember them. To access your passwords, you just need to remember a single master password (which should be a very strong password).
Make sure your master password is good though because if your master password is your birthday then you’re in for quite the roller coaster ride.
Step 4. Enable two-factor authentication everywhere
2-Factor Authentication(2FA) adds an extra layer of security to your account adding an additional login step, beyond just a password. We recommend enabling it on every website you can because even if your password is compromised, your account will still be protected. There are three types of authentication factors:
- Something you know — such as a password.
- Something you have — such as your phone.
- Something you are — such as your fingerprint.
The most common form of 2FA is a time-based one-time Password (TOTP) — this is typically a random code that is generated on your phone every 30 seconds through an app such as Google Authenticator.
Security is very important to us, so we’re always on top of our game. We offer 2-Factor Authentication for both client and control panel accounts. You can click here to learn how to enable it: Enabling 2FA on your Shockbyte accounts
Our team at Shockbyte are very experienced in online security and we are able to help you with anything you need. If you have any questions or need some advice, just ask!
Help others secure their account by hitting the ❤ button! This will help others find this post.