It is a basic economic law. As long as there are easier ways that pay more, there will always be people who are eager to go against the norm. To hurt, to steal, to lie, to hack. Unfortunately, there is nothing you and I can do about that. We can only do our best to prevent it from happening to us.
When it comes to your cybersecurity, there are a couple of things that you can do to prevent the theft of your personal sites, profiles, and information.
First and foremost, don’t let your devices remember free public Wi-Fi networks. If possible, never use them. It is possible, and a common practice, for hackers to impersonate such networks with their own devices.
What that means is that when you go to the mall and connect to the Wi-Fi, if you let your device remember the connection, the next time it detects a network with the same name, it will connect automatically. And if this time the network is not the genuine Wi-Fi of the mall you are at, your device will connect to the hacker’s device, giving the hacker access to all your data.
Again, never let your devices remember the connection. And if possible, don’t connect to free public networks.
The second way to take care of your cybersecurity is to use a strong password.
A Definition of a Strong Password
Before we get to the definition of a strong password, let’s find out exactly how hackers try to break into your website or profile.
One of the most common terms in hacking, and one of the most famous (apart from hacking itself, of course), is the so-called ‘brute force’.
In essence, brute force is when a hacker tries to enter your website by trying a vast number of predefined and frequently used passwords. All of this happens automatically. The person who is trying to brute force your website could be outside, drinking coffee, while a bot enters and re-enters different combinations of username and password in order to break into your website or profile.
The strength of your password is one of the main ways to prevent this. The harder it is for a computer or a human to guess the password when they have no idea what it is, the stronger the password is. In an attempt to stay as far as possible from mathematics, let’s just note that the longer, more unpredictable and more complex your password is, the stronger it is.
And logically, the stronger the password, the lower your risk of getting hacked.
If we have to bring out a definition of a strong password, it could be something like this:
A strong password is a long, complex and unpredictable string of letters, numbers, and symbols. Its main function is to prevent humans and computer programs from guessing its component parts and their arrangement.
Bonus: List of the most common passwords in 2017
If you find the password of any of your registrations on it, I would highly recommend that you take care of it right now and go change it.
Here is the list of the most common passwords in 2017:
123456; password; 12345678; qwerty; 12345; 123456789; letmein; 1234567; football; iloveyou; admin; welcome; monkey; login; abc123; starwars; 123123; dragon; passw0rd; master; hello; freedom; whatever; qazwsx; trustno1;
Strong Password Tips
Here are some tips for choosing a strong password.
- You should be able to remember it. Something meaningful to you, that you can always remember is a good start for creating a strong password. Yet, stay away from birthdays, names of significant others, family members, and dates that could be easily guessed. Remember, a strong password is unpredictable.
- Don’t use a word or a brand name. Especially if you are using that brand. Again – unpredictability and complexity.
- Use at least 12 characters. The length of the password is the third component of its strength. The longer, the better.
- Include capital letters, lower-case letters, numbers, and symbols.
- Don’t rely on obvious substitutions. Using a number instead of a letter or a word is not as clever as you may think. The list of the most common passwords proves this statement. Two of them are passw0rd (with a zero instead of an ‘o’) and trustno1 (with a 1 instead of the word ‘one’). Yet, they are among the most used. Don’t do that, or at least don’t rely on that.
- Don’t use the same password for all of your online accounts.
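The tips above can be turned into a check. The Python below is an added example, not code from the original post: it tests a candidate against the 2017 list printed above (also after undoing case, trailing digits or symbols, and obvious substitutions), the 12-character minimum and the four character classes, and estimates the size of a blind brute-force search. The substitution map, the function names and the sample passwords are assumptions constructed for illustration.

```python
import math
import string

# The 2017 most-common list exactly as printed on this page.
COMMON_2017 = frozenset(
    "123456 password 12345678 qwerty 12345 123456789 letmein 1234567 football "
    "iloveyou admin welcome monkey login abc123 starwars 123123 dragon passw0rd "
    "master hello freedom whatever qazwsx trustno1".split()
)
# Assumed map of "obvious substitutions" (digit/symbol -> letter it stands for).
UNSUBSTITUTE = str.maketrans("01345$@7!", "oieassati")
CLASSES = {
    "lower-case letter": string.ascii_lowercase,
    "capital letter": string.ascii_uppercase,
    "number": string.digits,
    "symbol": string.punctuation,
}
MIN_LENGTH = 12  # minimum length from the tips above


def disguised_common(pw: str) -> bool:
    """True if pw is a listed password once case, padding and swaps are undone."""
    lowered = pw.lower()
    stripped = lowered.rstrip(string.digits + string.punctuation)
    variants = {lowered, stripped}
    variants |= {v.translate(UNSUBSTITUTE) for v in variants}
    return bool(variants & COMMON_2017)


def brute_force_bits(pw: str) -> float:
    """log2 of the guesses needed to try every string of this length and alphabet."""
    pool = sum(len(chars) for chars in CLASSES.values() if set(pw) & set(chars))
    return len(pw) * math.log2(pool) if pool else 0.0


def check_password(pw: str) -> list[str]:
    """Return the tips the password breaks; an empty list means none."""
    problems = []
    if disguised_common(pw):
        problems.append("common password, possibly disguised")
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    problems += [f"no {name}" for name, chars in CLASSES.items()
                 if not set(pw) & set(chars)]
    return problems


if __name__ == "__main__":
    for sample in ("passw0rd", "P@ssw0rd2017!", "x7#Lq9!vTz2&Rm"):  # constructed
        print(sample, round(brute_force_bits(sample)), check_password(sample))
```

The constructed sample `P@ssw0rd2017!` meets the length and character-class tips and scores about 85 bits against blind guessing, yet it is still flagged, because a guesser working from a list of common passwords never has to search that space.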
How Safe is My Password
It is possible that this whole concept of password strength is new to you. Hopefully, your password is not in the list of the most commonly used ones, but now you are trying to figure out exactly how strong the one you’ve chosen is.
And it really is a question you must ask yourself. It would be hard for me to answer that question without knowing your password, but letting someone know your password is just wrong. On so many levels.
Still, there are thousands of ways to determine exactly how safe you can feel with your password.
Here is a tool that, I believe, you can trust. It is a password checker that Kaspersky built. I really liked it, and the fact that it automatically detects if the password you entered is among the most common ones makes me feel like it shows reliable information.
Now you know what a strong password is. You know that you shouldn’t use the same password for all of your accounts. You know the password should be long, complex, unpredictable.
If you are like me, you have more online accounts than you can remember, let alone the passwords for them.
There are ways to overcome that issue. With ease.
It is called a password manager.
In essence, a password manager is a program for your computer or an extension for your browser (or the browser itself, for that matter) that gathers all your passwords in one account. To enter that account you have to enter a password, which will be the only password you’ll have to remember if you use such a tool.
Personally, I put my trust in Google Chrome. This browser has its own integrated password manager, and it uses a double authentication process. That means you’ll have to enter two passwords to see the ones saved in the browser itself.
First, the browser is connected to your Google Profile. If you were in your account when you chose to save the password, it will only be accessible when you are using the same account.
Say you left your computer on and someone tried to get your Facebook profile’s password. They will most likely fail, as the password manager of Chrome asks you to enter the password of the computer that you are using in order to show you the password you want to see.
Thus, if you save your passwords in Chrome’s integrated Password Manager, don’t let anyone see your computer’s password (or any other device for that matter). Also, don’t log in to your Google account anywhere except your personal or office devices.
LastPass is, I’ve got to admit, a very successful name for a tool that will let you forget all of your passwords but one. The last one.
This is the tool that my colleagues trust when it comes to password management.
The tool does what the Chrome Password Manager does. And a little more. Here you can save the passwords of applications, and you’ll have the freedom not to use Chrome if you so choose.
LastPass has extensions for Chrome, Mozilla, Opera, Microsoft Edge (Internet Explorer), and Safari.
And the best part – the extensions are free.
And if you choose to go premium, the plans start from $2. And this plan doesn’t compromise on anything, as the most expensive is $4.
In essence, LastPass is a password manager. With a slick design. And applications, so your passwords go wherever you are, on any of your devices. Just remember the Last Pass.
I can never stress enough that preventing anyone from accessing your online accounts is as important as preventing germs from entering your body. But while in most cases the germs in your body will put you in bed for a week, the germs that enter your website or any online account could turn your life upside down.
Thus, you should do your best not to let that happen. Use a long, complex and unpredictable password. If possible, use a different one for every account that you have, and once your passwords become too many to remember, find yourself a Password Manager that you can trust and go from there.
Also, when it comes to website security, remember that a strong password is not the only thing you can do, nor is it a panacea.
You can always employ defense in depth principles by using layers. That means making entry to the website a two-or-more-step authorization process.
Don’t let everyone have administrative rights. It is not needed.
If you are using WordPress, you can restrict access to the wp-admin page from anywhere except where it is needed. Also, you can use security plugins.
Create backups. As often as you can.
Register your website with search engines – Google and Bing have Webmaster Tools; use them to check the health of your website.