Regardless if you run a business or organization, you will no doubt have a slew of passwords to gain access to various online platforms. If you’re a client of ours, you will typically have several depending on your situation and services purchased.
For example, one login is needed for the secure client billing and account area, where you can see what services are active, purchase additional services, view invoices and pay invoices etc.. Another login may be to access your website’s CMS [ Content Management System ] so you can make updates to the website’s content to keep it fresh and updated. Another login will be used for your domain email if you have business email services active with us.
Now imagine if you handed those logins to a hacker with mischievous intents. They could do some damage very quickly, such as defacing your website, changing all passwords so you no longer have access, sending spam email, and more resulting in a temporary suspension for all services until resolved. A costly headache for sure.
Strong passwords [ How to create a strong password ] serve as a main line of defense for Northwoods Web Designs customers and their various login accounts. So why are strong passwords recommended?
Because cybercriminals have a variety of tools and techniques at their disposal to crack passwords, including the following. Fortunately, there are steps you can take to avoid falling victim to these tactics as provided below.
Keyloggers: One of the most effective tools cybercriminals employ is keylogger malware, which records what you type and sends this information back to them. Because keylogging can be used to directly steal passwords, the best way to address it is to avoid infection with such malware in the first place. Keep your system (pc & phone) up to date with security patches, use antivirus and antimalware programs, and don’t click on suspicious links that appear in emails or pop-ups.
Password dumps: Security breaches provide potential attackers with a treasure-trove of data including user IDs, passwords, birthdates and even Social Security numbers. To minimize your risk, never reuse old passwords or share them between different accounts, and change your passwords annually or when required by Ascension.
Brute force attacks: An inelegant but effective password cracking technique involves attempting to log onto an account with a list of commonly used passwords, such as 123456 and p@ssword, which unfortunately are still used by some today. For accounts that will lock users out after multiple failed attempts, cybercriminals use a tactic called password spraying, which involves spreading out their guessing attempts over a longer period of time to avoid detection.
Complex, long passwords remain the best way to thwart such attempts. Attackers start with common passwords and phrases such as password123 or iloveyou, so avoid these as part of your passwords. Northwoods Web Designs recommends passwords that are at least eight characters in length and contain three of the following whenever possible: upper- and lower-case characters, numbers and special characters such as ! or %.
Password resets: Another way cybercriminals bypass passwords is using the forgot password feature. To ward against this tactic, keep your account recovery information up to date. Use only confidential information as the response to security questions an account asks you to answer, avoiding information that might appear on social media sites such as your dog’s name or your favorite hobby.
By understanding the tactics used by cybercriminals will help showcase how important it is to use strong passwords and be aware of what you may be clicking on when on your computer or phone, to assure your passwords are secure and your investments are safe.
Have you ever been compromised before? We would like to hear your story, let us know in the comments section below.