Module 3.2 - Password Protection
Password Protection
Is Your Password '123456'?
If it is, you are not alone. According to an analysis of 10 million passwords publicly released from data breaches in 2016, about 17% of accounts were "protected" by this password.² In 2016, there were a record-setting 4,149 data breaches exposing more than 4.2 billion records.³ Hackers will hack, so what can you do about it?
[Image: Steal password.jpg, Wikimedia Commons]¹
Unfortunately, you can't stop the hackers. You also can't stop companies from irresponsibly storing your account information (like Experian, for example). In fact, up to 90% of last year's hacks were preventable!³ Here's an interactive list of the world's biggest data breaches. What you can do is protect your data with a strong and unique password.
Manage Your Passwords
In an informal survey of friends, family, and colleagues, almost all respondents re-use passwords. Most have about five "go to" passwords, and they all believe their passwords are secure. The reality of this scenario is that if your password is exposed on one site, it is vulnerable on EVERY site where it was re-used, even if you have a 64-character password that is full of random characters. To be safe, we need unique, strong passwords for every account we have. For the record, a "strong" password is as long as allowed, and made up of a mixture of upper and lower-case characters, as well as numbers and special characters (~!@#%...).
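The reuse risk and the "strong" definition above, as an added example that is not part of the original module: a Python audit of a constructed account list that flags reused passwords and passwords missing a character class. The sample vault, the function names and the 12-character minimum are assumptions made for illustration.

```python
import string
from collections import defaultdict

# Constructed sample vault (account -> password); not real credentials.
SAMPLE_VAULT = {
    "email": "Tr0ub4dor&3-long-Example!",
    "bank": "Tr0ub4dor&3-long-Example!",
    "forum": "123456",
    "shop": "123456",
    "school": "k#9Lq!vR2x@Zp7wB",
}
MIN_LENGTH = 12  # assumption: the module says "as long as allowed" and gives no number

def missing_classes(password):
    """Character classes from the module's 'strong' definition that are absent."""
    checks = {
        "upper": any(c.isupper() for c in password),
        "lower": any(c.islower() for c in password),
        "digit": any(c.isdigit() for c in password),
        "special": any(c in string.punctuation for c in password),
    }
    return [name for name, present in checks.items() if not present]

def reuse_groups(vault):
    """Groups of two or more accounts that share one password."""
    by_password = defaultdict(list)
    for account, password in vault.items():
        by_password[password].append(account)
    return sorted(sorted(accts) for accts in by_password.values() if len(accts) > 1)

def exposed_by_breach(vault, breached_account):
    """Other accounts that become vulnerable when one account's password leaks."""
    leaked = vault[breached_account]
    return sorted(a for a, p in vault.items() if p == leaked and a != breached_account)

def audit(vault):
    """Map each account to its findings; an empty list means nothing was flagged."""
    reused = {a for group in reuse_groups(vault) for a in group}
    report = {}
    for account, password in vault.items():
        findings = ["reused"] if account in reused else []
        if len(password) < MIN_LENGTH:
            findings.append("short")
        findings += ["no " + c for c in missing_classes(password)]
        report[account] = findings
    return report

if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(account, "->", ", ".join(findings) or "ok")
```

The "email" and "bank" entries pass every strength check and are still flagged, because a leak of either one exposes the other.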
[Image: Safe, Vault, Lockbox, Safekeeping]⁴
How does one manage to remember dozens and dozens of unique passwords? A password manager. But wait, why should you "put all your eggs in one basket"? What if the password manager gets hacked? Here's why...
They think about, read about, talk about, and tell jokes about password security. These are really one of the LAST places you need to worry about getting hacked.⁵
Password Managers
There are lots of password managers out there for you to consider, but here are a few popular ones to get you started.
*Bias Alert! I put my favorite at the top of this list because I use it, it's free, and it's open source.
| Tool | Cost | Open Source* |
| | free | Yes |
| | free, no syncing after 1 month or $3.33/mo | No |
| | 30-day trial, $2.99/mo after that | No |
| | free | No |
*Open Source means that the code is publicly shared on platforms like GitHub. While this may seem like a security risk, it actually improves security because anyone can review, audit, and contribute to the codebase of open source software. This makes it possible for someone to "spot and correct errors or omissions that a program's original authors might have missed."⁶
1 Title: File:Steal password.jpg - Wikimedia Commons. Source: https://commons.wikimedia.org/wiki/File:Steal_password.jpg, license: Attribution-ShareAlike 3.0 Unported.
2 "What the Most Common Passwords of 2016 List ... - Keeper Blog." 13 Jan. 2017, https://blog.keepersecurity.com/2017/01/13/most-common-passwords-of-2016-research-study/. Accessed 1 Nov. 2017.
3 "Data Breaches Exposed 4.2 Billion Records In 2016 | Investor ...." 30 Jan. 2017, http://investordiscussionboard.com/boards/wavxq/data-breaches-exposed-42-billion-records-2016. Accessed 1 Nov. 2017.
4 Title: Free vector graphic: Safe, Vault, Lockbox, Safekeeping - Free Image on Pixabay - 30110. Source: https://pixabay.com/en/safe-vault-lockbox-safekeeping-30110/, license: Copyright-Only Dedication (based on United States law) or Public Domain Certification.
5 Full disclosure: It has happened. Read about it here: "How secure are password managers? - CBS News." 22 Jun. 2015, https://www.cbsnews.com/news/in-wake-of-lastpass-hack-how-safe-are-password-managers/. Accessed 1 Nov. 2017.
6 "What is open source software? | Opensource.com." https://opensource.com/resources/what-open-source. Accessed 2 Nov. 2017.