Did you know that today, May 5th is World Password Day. Weak password can be an opportunity for cyberattackers to gain access to your accounts. In 2020, cybercrime could the world over $1 trillion dollars.
Here are some password tips to help continue to protect your identity and your data. Please don’t hesitate to reach out to Summa or Ray if you have any questions. #WorldPasswordDay
- Longer passwords are better – With computer processing power advancing every year, the current recommended minimum password length is now 12 characters. UK’s National Cyber Security Centre recommends using three random words for your passwords. In general, the longer the password, the more secure it is.
- Use unique passwords – For each website, you should have a different password. There have been known breaches where a cyberattacker will take your email and password on one website to login to another site. Having unique passwords helps prevent against these kind of attacks. 73% of successful cyberattacks are due to password reuse.
- Use a password manager where possible – This helps with trying to remember all the unique passwords and some have the ability to share common passwords with other family members. Some common password managers include Dashlane (free plan), 1password.ca (has family plans),lastpass.com, bitwarden, etc. Bonus, this makes it also very easy to login to accounts on your mobile phone and computer.
- Enable multi-factor authentication (MFA) – We recommend setting up multi-factor authentication (MFA) where possible. This adds an additional layer of protection. Passwords are something you know. MFA (such as Microsoft Authenticator) is something you have, and biometric (fingerprint/ TouchID / FaceID) is something you are. A combination of a few of these methods will provide additional protection to your account. According toMicrosoft, enabling MFA will protect against 99.9% of cyber attacks.
Here are some helpful links to explore:
- How Secure Is my Password (you can test some samples of passwords here – this site is safe as no data is being stored or submitted anywhere) – How Secure Is My Password? | Password Strength Checker (security.org)
- Pwned Passwords – has my password been used in a breach? Have I Been Pwned: Pwned Passwords
- Here’s a great site for generating passwords for your kids – DinoPass – Simple password generator for kids
- Have I Been Pwned: Check if your email has been compromised in a data breach – this is a great site to subscribe to get alerts if your email or phone number has been part of a data breach. We recommend to change your password right away. Please don’t hesitate to connect with Summa or Ray if there’s questions you may have.
- List of MFA services – This website has a list of Internet services (banking, communications, etc..) that have enabled MFA – 2FA Directory Be sure to have a backup, and test the backup (alternate account, additional email, backup codes, etc..) in the event you need it.