During Q1 of 2019, we saw a 50% increase in the reported data breaches and the number of records exposed compared to the previous year. These 4000 breaches exposed over 4 billion compromised records. This significant number of security breaches in such a short space of time demonstrates the importance of being clued up on cybersecurity. With so much of our lives now documented online, it is crucial that we understand the steps we can take to keep our information safe.
Our guide will discuss tips to strengthen your online security and which password techniques to avoid at all costs.
In 2019 Immuniweb undertook a study that analyzed the numerous stolen credentials accessible on the Dark Web. Their study looked at details attained from Fortune 500 companies from 10 different industries across the globe. Over 21 million credentials, amid which over 16 million were compromised during the last 12 months of the study.
How do criminals access these credentials? A large majority of credentials are easily obtained due to poor password protection. For example, some hackers use a brute force attack. A brute force attack is when the attack guesses every combination until it hits yours. This attack is done through automated software and is made easier through short and simple passwords. Alternatively, credentials can be attained through a dictionary attack. This attack tries a prearranged list of words that you would find in a dictionary to match with your password.
Immuniweb’s study detailed that of the 21 million records only 4.9 million passwords were fully unique, suggesting many users were using identical or similar passwords. Additionally, approximately 42% of the stolen passwords were related to company names or breached resources, making password bruteforcing attacks highly efficient. These findings demonstrate how easy it can be for attackers to access information when password security is not taken seriously.
Strengthen your password
Improving your password security is simple. First and foremost, avoiding weak passwords will increase your security. Weak passwords are usually under 8 characters, can include words found in the dictionary, and are obvious or default passwords. For example, five of the top passwords found in the study were related to the word password (pass1, passer, passw0rd, password, password1). In addition, it is important to avoid sequential numbers, or memorable keyboard paths (123456789, 1qaz2wsx), they are not unique and will be guessed quickly.
When creating a strong password, the length is key. A password of over 16 characters is immediately stronger and will be much harder for attackers to break. To avoid dictionary attacks, use a combination of words and characters. However, avoid using common substitutions. Substituting BEACHBALL for B34CHB4LL is unlikely to confuse hackers and random character placement is much more efficient.
If you are stuck for what password to use but want to increase your password security, use a random password generator. These generators create random passwords that are extremely difficult to guess. If you are wary of using a password generator and fear you’ll forget such a complicated combination, use a password manager tool. A password manager manages unique passwords for each of your accounts, the only password you need to remember is the master password. However, that just like any software, password managers are vulnerable to security breaches. To stay safe make sure your master password is extra secure!
The safety of your information is a crucial matter. There are now tools like Firefox Monitor that can access records to see if your password has been leaked in previous data breaches. While these tools are helpful, make sure you do your research on the tool before typing in your email.
If you are looking for more information on Cybersecurity follow us on our social media accounts for #WalvisSecurityWeek, an entire week where we give tips on what to look out for and how to keep yourself safe. If you have any questions make sure to contact us now.