By Aiyappan Pillai
Social media, online banking, e-commerce sites, e-mail – each of these is accessed with a password. Our passwords are the keys to our digital lives. They help us access and protect valuable information. So, they should only be known to us, and we need to ensure that they are strong enough to safeguard our accounts and personal information.
The lockdown has pushed a large portion of the Indian population to work from home. While this has brought a business challenge, many corporate leaders are viewing it as beta-testing to see if employees can work remotely on a longer-term basis. This can lead to increased productivity, but it can also lead to personal or business data being at risk more than ever.
More remote devices are connecting to various networks, via VPN or over WiFi systems that could be vulnerable. One of the top priorities for businesses and organizations is keeping data safe and secure during these uncertain times – and ensuring that all employees in the organization are using strong passwords.
Strong and secure passwords are essential because weaker passwords can be cracked by intercepting them on networks, or through automated tools, social engineering, or malware. Powerful passwords are hence vital for securing our personal information from cyber criminals. Below are the ideal ways in which organizations and individuals can create stronger passwords.
Avoid generic passwords
Generic passwords like your name, address or phone number must be avoided, as they are always easy targets. Passwords such as “admin”, “admin123”, “12345”, “Password” or your birth date might be easy to remember, but many reports have stated that these are commonly used, can be easily guessed and can even be identified by automated password-generating programs designed to hack systems. Very short passwords can also be vulnerable to such automated tools. Your password should have at least 8 characters. Always use a mix of lower-case and upper-case letters, numbers and permitted special characters.
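The rules in this section can be enforced at sign-up or password change. The following check is an added example, not part of the original article; the function name, the personal details passed in and the sample passwords are constructed for illustration.

```python
import re
import string

# Generic passwords named in the article. Assumption: a real deployment
# would compare against a much larger list of commonly used passwords.
COMMON = {"admin", "admin123", "12345", "password"}
MIN_LENGTH = 8  # minimum length stated in the article


def check_password(password, personal_items=()):
    """Return the list of rule violations; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if lowered in COMMON:
        problems.append("commonly used password")
    # Require the mix of character classes the article asks for.
    classes = {
        "lower-case letter": any(c.islower() for c in password),
        "upper-case letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(c in string.punctuation for c in password),
    }
    for name, present in classes.items():
        if not present:
            problems.append("missing " + name)
    # Reject passwords built on the user's name, phone number or birth date.
    # Each detail is split into words and digit runs; parts shorter than
    # three characters are ignored to avoid accidental matches.
    for item in personal_items:
        parts = re.findall(r"[a-z]+|\d+", item.lower())
        if any(len(p) >= 3 and p in lowered for p in parts):
            problems.append("contains a personal detail")
            break
    return problems


if __name__ == "__main__":
    # Constructed sample user and candidate passwords.
    details = ["Asha Rao", "1990-04-12"]
    for candidate in ["admin123", "12345", "Asha@1990xyz", "Tr4il-Mango!Sky"]:
        print(candidate, "->", check_password(candidate, details) or "OK")
```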
Enable Two Factor Authentication (2FA) or Multi-Factor Authentication (MFA)
2FA is one of the most secure and effective ways of safeguarding your digital accounts, as this increased level of safety protects accounts even if the password is vulnerable. The approval system depends not only on a single password for identification, but also on a security number, a one-time password (OTP) sent by mobile or email, a biometric verification or a combination of these. This provides extra levels of security and makes it harder for attackers to gain access to a person's accounts. However, one must ensure the security of these additional factors of authentication. For instance, if an OTP is one of the factors in place, ensure that the mobile phone is always in secure hands.
Customize your passwords
Passwords must be customized for each website we register on, with unique combinations of letters, numbers and symbols found on the keyboard. We should devise unique password combinations for each website to ensure that they are difficult to crack, even by password generators. This also prevents all accounts from getting compromised if one site is cracked by hackers.
Make use of phrases
Phrases are one of the easier and smarter ways to create stronger passwords. Each of us has our own favorite phrases, making them difficult to guess. The length of the phrase and the characters we add have an impact on how hard it is for cybercriminals to crack, even with tools. This technique can be adopted when the application supports long passwords. We must ensure that the phrases we use are random, so that our passwords don't have a pattern. And irrespective of the chosen approach, one must change passwords periodically.
The author is an IEEE member. Views are personal.