Password1 as your password?

The digital landscape has brought with it many great innovative and creative improvements; sadly, it has also seen an enormous increase in cyber threats. Ransomware was behind the biggest jump in cyber-criminal activity. Most CISOs (Chief Information Security Officers) will admit that it is near on impossible to make systems 100% secure in an ever-changing landscape, but as we know, the majority of breaches are due to human error. So how can we help?

At the risk of banging on about keeping our personal data safe again, here are a few stats and things we can do:

 

The problem:

 

Splashdata, amongst other companies, keeps lists of the most common passwords people use. Over the last decade, sadly, things have not changed. Here is a comparison of 2011 v 2019:

| 2011 | 2019 |
|---|---|
| password | 123456 |
| 123456 | 123456789 |
| 12345678 | qwerty |
| qwerty | password |
| abc123 | 1234567 |
| monkey | 12345678 |
| 1234567 | 12345 |
| letmein | iloveyou |
| trustno1 | 111111 |
| dragon | 123123 |
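
One way a sign-up form could screen for the passwords in the lists above, including dressed-up variants such as the Password1 of this post's title. This is an added example, not part of the original post; the normalisation rules and the substitution map are assumptions, and a real deployment would load a far larger list.

```python
import re

# The distinct entries from the 2011 and 2019 lists quoted above.
COMMON = {
    "password", "123456", "12345678", "qwerty", "abc123", "monkey",
    "1234567", "letmein", "trustno1", "dragon",
    "123456789", "12345", "iloveyou", "111111", "123123",
}

# Constructed substitution map (an assumption, not from the post):
# undoes the usual look-alike swaps people use to "strengthen" a weak word.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "5": "s",
                      "@": "a", "$": "s", "!": "i"})


def candidate_forms(password):
    """Return the normalised forms of a password worth checking."""
    lowered = password.lower()
    # Drop a trailing run of digits/symbols: "Password1" -> "password".
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    forms = []
    for form in (lowered, stripped):
        forms.append(form)                  # as typed, case-folded
        forms.append(form.translate(LEET))  # look-alikes undone
    return [f for f in forms if f]          # ignore empty results


def matched_common(password):
    """Return the common password this one reduces to, or None."""
    for form in candidate_forms(password):
        if form in COMMON:
            return form
    return None


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["Password1", "P@ssw0rd!", "Qwerty2019", "123456", "TqBf78JoT!D"]:
        hit = matched_common(pw)
        print(f"{pw!r}: {'reject, reduces to ' + hit if hit else 'not on the list'}")
```
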

 

 

What can we do?

 

For lack of a better example, try to make it harder for people to get at your information. Remember the sign on the door: “Our neighbours have much nicer stuff and a smaller lock”.

Top of my list is to utilize bio security as much as possible. Fingerprints, facial and iris recognition really help. Second on the list is MFA (multifactor authentication). Many personal apps and of course your banking apps offer this. If it is offered to you, take it. MFA can use geolocation and be set to ask you every few weeks to avoid the pain of doing it every time. It requires the criminal to have access to a second mode of authentication.

Look to use a passphrase instead of a password. This makes it easy for you to remember but difficult for scanners to work out.

e.g. The Quick Brown Fox Jumps Over The Lazy Dog (include a number you remember)

  • This can be easily remembered and abbreviated into something simple: TQBFJOTLD
  • Change case: TqBfJoTlD
  • Now add the number or a symbol or both: TqBf78JoT!D

 

Hard to remember?

 

That’s where the use of a password vault comes into play. There are a lot on the market, like LastPass, EnPass, Dashlane or the above-mentioned Splashdata.

In a nutshell, you use the passphrase as the master password for your password application. You now only need to remember the one passphrase. This application will manage all your password needs. It will help you generate passwords that are complex and long for any site you visit and log you in automatically. It will verify that the site is safe, so you don’t have to. It will even keep credit card information safe and warn you when using your cards on dubious sites. You load the software on any device and you’re good to go.

 

Will this keep you 100% safe? Sadly no, but it will make you too much of a hassle for the bots trying to get in, and they will move on.

To recap:

  1. Use bio security when available.
  2. Use MFA when it is offered.
  3. Use password management software to make things simpler.

 

One last reminder: when you walk away from your PC, lock it. Windows key and L does the trick.

Interesting chart: [image: Passlength]

Author: Jacko

Kiwi, passionate about technology, rugby, golf and beer. CTO for an accounting firm....

One thought on “Password1 as your password?”

  1. Good advice! I’ve used a password safe for years, but have only recently started using a dumbphone. Do you know of any password safes that work conveniently with dumbphones?
