Today is the 01st of February, the day that marks the “Password Change Day” and, to help you reinforce the security of your accounts and equipment, the editorial staff of MenosFios now shows some of the examples that you should not follow and we remind you of the recommendations given by cybersecurity specialists.
Recently, data leaks and password theft continue to be trends that mark the world of cybercrime, breaking new records every year, and although they are a critical tool for cybersecurity, passwords are also fragile and many users end up ignoring the recommendations of experts.
Therefore, on that date when the “Password Change Day”, we now show the importance of this security instrument, pointing out some of the worst examples and recalling the advice given by cybersecurity experts to keep your accounts and equipment safe.
Password-related incidents continue to happen, and in the past year, there have been several high caliber mishaps. The latest edition of Dashlane's list of "Password Offenders" highlights some "repeaters", including SolarWinds, whose attack marked the panorama of cybersecurity incidents in 2020, as well as Verkada, whose video surveillance camera system was compromised in March, affecting companies like Tesla, as well as other incidents that marked the year.
Check below the Top 10 security incidents, in the year 2021, that involved password cracking:
1st SolarWinds
2nd COMB
3rd Verkanda
4th RockYou 2021
5°
6th TickMaster
7th GoDaddy/ WordPress
8th ActMobile Networking
9th DailyQuiz.me
New York's 10th Legal Department
According to an IBM study, the costs of data breaches increased by 10%, from US$3,86 million in 2020 to US$4,24 million in 2021. Data from the “2021 Breach Investigations” report from Verizon reveal that 80% of breaches are caused by weak passwords, reused and stolen from employees.
Looking at user practices, the latest list organized by NordPass reveals the worst passwords of the past year🇧🇷 It is possible to find a series of “repeating” passwords that have already appeared in previous analyses: all credentials that can be discovered by hackers in less than a second. The most common password, “123456”, has been found by experts over 103 million times.
So, having a unique, strong and complex password for each of your accounts, but also for your equipment, is essential to maintain security.
It goes without saying that, in addition to overly simple sequences of numbers and letters, family names, important dates and even the name of your favorite sports clubs or your pets should not be part of your passsword. Passwords must contain uppercase and lowercase letters, numbers, as well as special characters, ideally no longer than eight characters.
It is true that not all of us have the ability to memorize all the complex combinations that we use as passwords, but a password manager can be of invaluable help, working as a kind of “vault” for information.
There are also some ingenious memorization tricks that you can put into practice to remember those passwords that you use most often, for example, why not create a sentence with the letters used?
Reusing the same password on different accounts is also out of the question and, for greater security, it is recommended that you touch your passwords every 90 days, regularly checking that they are “strength” enough.
Two-factor authentication is also essential to ensure the security of your accounts, and can be activated on multiple social networks and digital platforms. The method makes it possible to obtain confirmation that it was the user who entered the credentials in the respective service. This can be done through confirmation via email or SMS, but also through applications such as Authy, Google Authenticator or Microsoft Authenticator.
