Is Your Strong Password Enough To Keep You Safe Online?
It may seem like a constant battle to create and remember passwords for your computer, bank accounts, social media and any programs you use. Not only is it important to use strong passwords, but also to not use the same password for multiple accounts. Say what? It seems like a daunting task, but it is also a necessity due to a constant threat of cybercrime.
What is Credential Stuffing?
If and when you get hacked, it’s easy to think cyber criminals used some high-tech program or code to gain access to your accounts. The truth is, however, that data breaches aren’t always this sophisticated, and all malicious parties need is a little trial and error to steal your personally identifiable information. This tactic is known as credential stuffing, and it’s becoming a common tool for cyber criminals of all kinds.
Simply put, credential stuffing attacks are when a malicious party takes a stolen username and password and tries it on a variety of different websites. For example, a hacker may have purchased your Google username and password from the dark web. Assuming that you use the same password for multiple accounts, the hacker would test these credentials on other platforms (e.g., banking or social media websites) using botnets (groups of computers tasked with various commands). Essentially, by using information from one account, criminals can potentially access data from a variety of platforms, draining bank accounts or gathering information they can sell to other malicious parties.
Credential stuffing can affect everyone, from individual users to the biggest companies. In fact, a Yahoo breach that impacted approximately 500 million users was largely carried out using credential stuffing.
What Can You Do To Create Truly Strong Passwords?
Because credential stuffing relies on victims having the same password for multiple accounts, there are some simple ways to protect yourself:
- Avoid using the same password for multiple accounts—Credential stuffing works because many users use the same password for multiple accounts. To avoid becoming a victim, it’s important to change your passwords often and never use the same password.
- Use two-factor authentication—While complex passwords can deter cyber criminals, they can still be cracked. To prevent cyber criminals from gaining access to your accounts, two-factor authentication is key. Through this method, users must confirm their identity by providing extra information (e.g., a phone number or unique security code) when attempting to access corporate or personal applications, networks and servers. This additional login hurdle means that would-be cyber criminals won’t easily unlock an account, even if they have the password in hand.
- Create strong password policies—For employers, ongoing password management can help prevent attackers from compromising your organization’s password-protected information. You’ll want to create a password policy that requires employees to change their password on a regular basis, avoid using the same password for multiple accounts and use special characters. Long passphrases are becoming increasingly popular as well, and may be a good option for your organization.
- Provide security training—Even the most robust and expensive data protection solutions can be compromised should an employee click a malicious link or download fraudulent software. As such, it’s critical for organizations to thoroughly train personnel on common cyber threats and how to respond. Your employees should also know your cyber security policies and know how to report suspicious activity.
How To Create a Strong Password
There are many sites online that can help you with your passwords. Articles such as How To Create A Strong Password and Remember It includes tools such as Password Managers.
- Password Generators: Password generators can help create a very strong password. Sites like Norton Password Generator. These strong passwords may not be easy to remember, but by keeping a separate document or password manager can help you track your user name and passwords.
- Make Your Password Unique: Do not use common words, be sure to use numbers, letters and symbols.
- Stored Passwords: Keep written passwords hidden or a password spreadsheet secure with a separate password. Don’t forget to update your password list up to date.
California’s Leader in Insurance and Risk Management
As one of the fastest growing agencies in California, GDI Insurance Agency, Inc. is able to provide its clients with the latest and greatest of what the insurance industry has to offer and much, much more.
We are headquartered in Turlock, CA, with locations across the heart of California’s Central Valley, Northern California and beyond to provide a local feel to the solutions and services we provide our clients. We pride ourselves on exceeding our client’s expectations in every interaction to make sure that our client’s know how much we value and appreciate their business. Contact us today 1-209-634-2929 for your comprehensive cyber liability insurance quote!