The pain of the password
Password breaches are all too common nowadays and the biggest challenge is to keep a different complex password for every website or app. This is according to John Mc Loughlin, CEO of J2 Software.
Most people use the same passwords on multiple sites and when one of those sites is compromised, hackers test the login information on other sites. This means having one password compromised can lead to one’s password being compromised on many other sites.
The truth is that for every system, cloud storage, app and network we place our information and login credentials into we increase our risk landscape. When you use a single password for every platform, a breach of one is a breach of all of them. You may practice safe cyber activity and still have your credentials compromised in a third-party app that has poor security measures.
The use of a password is not ideal, but let’s be honest, most people, systems and organisations across Africa have no other means of remaining secure. It is not ideal, but until there is a practical alternative – let’s all take the steps to not make it easy for the cybercriminal to pounce.
Human behaviour is to make things as simple as possible for ourselves and sometime by making things simple for you, it becomes simpler for those with ill intent.
The excuses I hear are mostly around the inability to remember multiple passwords. If you cannot write it down, or store it on your mobile device – I am told it is just too difficult. This element of human laziness needs to be addressed, in years past people would remember 10, 15, 20 plus telephone numbers and lock combinations. Today we remember none as we use a phone to do all our thinking.
In my opinion, if you choose not to keep unique passwords for different platforms you cannot complain when thousands are taken from your bank account or when you are reprimanded for allowing your company network to be taken down in a ransomware attack.
I suggest that you keep it unique to you. Identify with the platform and add in something from your list of favourite things, a phrase or a lyric. Let me give you an example to get the mind working: If you associate Facebook with school friends and Family – use an incident at high school that you associate with and a family joke name then add a lyric from a song. It will be a long password, pretty much impossible to guess. You should remember this and giggle every time you log in.
Make sure your passwords are unique before you are compromised. A great password is worth the effort. Remember that your passwords should be treated like your underwear: they are personal, shouldn’t be shared and they must be changed regularly.
For additional security, one should add two-factor authentication to any account that supports it. This means one will have to enter both a password and a code that’s emailed or texted in order to log on. This will certainly prevent hackers from accessing an account even when they have the password.
Caption: Security specialist and J2 Software CEO John Mc Loughlin