The first Thursday in May is considered World Password Day. In this sense, keys are provided so that all users can be more careful when creating passwords, as well as authenticate access for both personal and corporate use and achieve greater security for the active accounts they have.
“A large number of consumers make mistakes, such as using the same combination for all their logins. A stumble like this becomes the master key to enter absolutely everything related to an individual”, says Pablo Lima, director of Sales for the Southern Cone of VU.
And it is that, most of what is done on a daily basis is through the Internet, and for this you have to activate accounts and profiles on most of the platforms that are used. To create a profile, a password is required, to ensure that the person is the only one who can access these identifiers.
The problem is that the vast majority of people always use the same password for each different profile they have, and in most cases, these passwords are easy to guess, so they do not respect your authority, your protection and make accounts are vulnerable to theft of personal information.
According to UBA’s Security Analysis and Use of Password Managers Report, people manage their access credentials with a low level of protection.
In fact, here are some alarming facts:
– 69% users use the same password for more than one service.
– 82% admitted to forgetting their password.
– 51% of respondents do not change their passwords or do so only when prompted.
– And 64% manage them by remembering them.
This is the best way to verify or authenticate an identity
Weak or easy-to-detect passwords can lead to identity theft for purchases, loans, credit card duplication, and other fraudulent transactions.
What usually happens is phishing, random combination tests and/or keylogger, a complex program that records keystrokes for extraction on an external server.
For this reason, password security is the number one hurdle that prevents most online accounts from being hacked.
Identity verification is based on a combination of the three factors that make up strong authentication:
1. “Something I know”, such as a PIN, password or specific data.
2. “Something I have”, such as an external device (USB drive, mobile token, or smart card).
3. And, last but least used, “something that I am” such as a face (facial recognition), our fingerprints or our own voice.
The combination of at least two of these factors results in a significant security barrier.
So you can manage passwords securely
Although cybercriminals are always up-to-date and constantly looking for new ways to steal users’ personal data, their procedures often have common features, which means that most cases can be avoided.
Recommendations to protect passwords:
– Enable second factor authentication
The use of multifactor authentication to prove the identity of a user is based on the premise that unauthorized third parties may not provide the necessary elements for access.
Therefore, if an item is compromised, an attacker will still need to overcome at least one additional barrier before being able to access the target’s account.
E-commerce companies, platforms, social networks, banking services or applications that allow you to enable a second factor option that increases security, limiting 100% of cheating cases. For example, dual authentication or biometric systems, fingerprint sensor or facial recognition.
– Do not use public Wi-Fi networks
This point, above all, should not be done on buses, airports or shopping malls, as they are often not safe.
– You do not have to repeat the same password on all platforms
If a key is exposed after a security incident and it is the key used in some service, an attacker will gain access to all of that person’s records, accounts or transactions.
It is best to change them periodically. Thanks to commonly used search engines, passwords can be updated with a single click, but it is important to renew them every three months.
– Use strong password
Change the default password; avoid underlying data or consecutive repetition of digits.
The most secure passwords are those that consist of both letters and numbers that also have alternating upper and lower case letters, symbols, and so on.
There are sites like https://haveibeenpwned.com/ where you can detect if a password has been compromised.
– Use backup log
Avoid storing all access data in the browser, since access is instant and, in the event of an attack or theft of the device, it can be easily compromised.
If you want to save it automatically, make sure no one else has access to the browser and also ask for a second factor in the settings to ask for a passcode.
