What matters when it comes to password security: Still simple, but secure!
Streaming and e-mail services, banking transactions, social media and smart home devices - all these online transactions require a password - every online shop alone needs a separate one when registering. There is a lot of information that needs to be remembered. But if we're honest, we often put convenience ahead of security when it comes to this topic - and use the same and mostly relatively insecure passwords for several accounts.
At least that is the result of a study commissioned by Bitdefender, in which more than 10,000 users worldwide were asked about their online behavior. According to this, around half of all respondents use only one password for all their online accounts; a third reuse a few passwords across multiple accounts. This is a welcome invitation for hackers. In addition, more than half of respondents say they use easy-to-remember passwords. With the large number of accounts that everyone now has, this of course also means that easy-to-remember and therefore weak passwords are used.
Using the same and weak passwords significantly increases the security risk of users becoming a successful target of a cyber threat. This includes all possible types of threats: scam messages, phishing attacks, data breaches, financial fraud, email hacking and much more. The risk of an account being hijacked by hackers is increased many times over when users ignore security recommendations and, for example, reuse passwords. There is also a concrete danger that digital identities will be stolen, traded on the dark web and misused for further criminal activities. This means that once an identity has been stolen, it may just be waiting for the right buyer, who will then use it for criminal activities
What possibilities does the technology offer?
Two-factor authentication: A very important security measure is the use of two-factor authentication, 2FA for short. Because even if a password is stolen, cybercriminals cannot access the corresponding account without the one-time password sent via 2FA to email or smartphone. The very urgent recommendation is therefore: If the option of two-factor authentication is given, it should be used in any case. Fortunately, there are fewer and fewer providers who do without it.
Use of a password manager: Another help is the use of a password manager. Secure passwords must meet a number of criteria: Upper and lower case letters, digits, special characters such as rhombuses and asterisks must be included; in addition, the passwords must be at least eight characters long; if they are longer, it is even better. This would mean a lot of extra work for the brain, which is why many weak and identical passwords are used. The good news here is that the password manager can take over this work.