Let’s imagine a situation where you don’t care about security and use the same password on most websites. One day there is a data leak on a website you’re using. Your password gets into the hands of a cybercriminal, who will definitely check whether your email also uses the same password. If so, this is a dream scenario for a hacker. Having access to an e-mail account, they are able to take control of your virtual life. In one moment, they can take over any website we use just by clicking on the “forgot password” function. Soon after that, a link with the possibility of setting a new password will appear in the mailbox …
What happens next depends on their creativity, and they certainly don’t lack it. The effects of taking over the mail can be terrible. The story above shows how easily we can expose ourselves if we do not follow the rules of internet security. We are never able to protect ourselves against an attack in 100%. It doesn’t change the fact that we have a real influence on reducing the potential threat.
- Use unique passwords, different for each website (more on secure passwords below)
- Use two-step verification
- Do not open attachments from unknown senders
- Install programmes only from trusted sources
- Use an antivirus with enabled firewall on each computer
- Use trusted networks
- Be sensitive to phishing, not every person on the Internet is who they say they are.
- Do not reveal your logins and passwords
- Regularly update your antivirus and operating system
“You are as good as your weakest point” – this saying is also reflected in security systems. In this case, the human is the weakest element. The latest security systems will be useless if your bank account password is your dog’s name.
How do I create a secure password?
One recommendation when creating passwords is to change your mind from password (word) to pass-phrase (phrase). Instead of creating short, complicated passwords, create long passwords consisting of a few random words. Remembering a password like this is easier and breaking it with the brute force method (trial and error method) is more difficult.
The secure password has:
- min. 12 characters (if it is one word, it should not be in the dictionary)
- min. one digit (no expected order e.g. 0000, 1234, 2020)
- min. one capital letter (do not put it at the beginning or end of the password)
- min. one special character (an exclamation point at the end of the password is not the best solution)
- The password should not consist of single, common words, e.g. names, surnames, dates and anything that can be associated with us.
If remembering passwords is not your strong suit, you can use the help of a password manager. It is a programme that works like a safe for your passwords. We set one very strong password that we must remember as we will need it to log into the programme. We can then manage all the passwords we have saved there, create new ones and use the password generator. Password Manager stores our data in the form of an encrypted file. We can choose from a variety of programmes operating on this principle, one of the most popular ones and recommended by specialists in the field of IT Security is KeePass.
This is not a complete list of good practices, it is much longer and more complicated, but by implementing these rules, we can be more aware of the dangers while using the Internet and reduce the risk of exposure to hacker attacks.