Every year, on the first Thursday in May, World Password Day is celebrated. This year, with the trivialization of remote work, marking this date is even more relevant. Many users innocently believe that a cybercriminal would have no interest in their personal data or devices. The company's many years of experience Check Point® , prove that this is not the reality. Education for cybersecurity is increasingly important and begins with the use of passwords that effectively guarantee the protection of personal data and sensitive information.
The increase in the number of people working at home contributes significantly to the increased risk of security breaches in a company's system. Passwords continue to be the most used means to protect personal data or manage access, both professional and personal. Check Point Software warns of the main tactics used by cybercriminals to steal passwords, leaving some security advice:
- Phishing attacks. It has become a widely used methodology for stealing passwords and usernames. It operates relatively simply: an e-mail that appears to come from a trusted source (such as a bank or an energy brand) but which is actually a way of manipulating the recipient and stealing confidential information. In this case, one of the best recommendations is to use double factor authentication. This extra layer of security forces the user to enter a second password, which is usually received via SMS. Thus, access to an account is prevented, even if the cybercriminal has access credentials.
- Dictionary or brute force hacking. This type of cyber attack has the method of trying to decipher a password through trial and error. Cybercriminals try different combinations at random, combining names, letters and numbers until they reach the correct pattern. In order for your goal not to be achieved, it is essential to have complex passwords. To do this, leave out common names, dates or combinations. Create a password of at least 8 characters that aggregates letters, upper and lower case letters, numbers and symbols.
- Keyloggers. These programs are able to record any click made on the computer keys and even what the user sees on the screen, and can then send the retained information (including passwords) to an external server. These cyber attacks are, as a rule, part of any malware that the person already has on the computer. The worst aspect of these cyber attacks has to do with the common practice of using the same password for several different accounts, which means that by accessing a password, the cybercriminal can enter multiple accounts. To prevent this from happening, it is crucial to have an individual password for each platform. For this, a password manager can be used, which allows to manage and generate different robust combinations for each profile, based on defined guidelines.
"When it comes to ensuring the highest level of cybersecurity, it’s just as important to have the most advanced technologies as preventing the risks of password theft, ” alert Marla Mendes, responsible of Check Point Software for the Angolan and Mozambican markets.
“Both phishing and keyloggers are attacks used on hundreds of devices. The risk of being the next victim can be easily remedied by configuring robust and varied combinations of at least 8 characters interspersed with letters, symbols and punctuation marks. If so, cybercriminals will find it much more difficult to obtain access credentials and the security of our computers will be guaranteed".