Passwords: design and protection strategies

The logic of creating strong passwords is something most of us understand. The stronger your password, the more difficult it will be for someone else to access your application and the information you are trying to protect. However, even though we know this, we often ignore this “Best Practice” when we are actually setting passwords for the applications we want to access online.

Why do we do this? Convenience, above all. There is also, I think, an inner belief that with so many millions of people online, the odds that I'm the one getting hacked are small. That is, if we even think about being hacked while setting up these passwords. Many people set a password only because the application they are trying to access says they must have one.

But have you noticed anything of late when accessing your applications online? The corporations behind the applications you access now often do the following:

  • They ask you to change your password periodically.
  • They ask you to provide additional answers to questions they may ask you as a secondary step of identity verification.
  • They ask you from time to time whether your email address is still correct, what your phone number is, etc.
  • Sometimes they show you a random set of characters on the login screen that you must type correctly into a box before you can log into the application.
  • They force you to create longer and more secure passwords, with special characters and/or capital letters, so that it is more difficult for others to hack into your account.
  • If you try to access your information from somewhere other than your own home, messages sometimes appear asking you additional questions to help authenticate you. How do they know that you are away from home? When you log in, their internal systems also capture your IP address (which indicates your location) and compare it with the one they have associated with your normal logins, so they know when you are away.
  • They even capture information from your device, so if you are logging in from a different computer, they may know that too.

Why are they doing this? They are trying to make their applications and the information within them as secure as possible. They are worried about being hacked. And you should be too.

One reason for this relates to the thought I expressed at the beginning of this lecture: “… there are so many millions of people online, what are the odds that I am the one getting hacked?” That is a mistaken belief in your own safety, and I’ll tell you why.

When a hacker targets you, it is not a one-on-one personal event. Hacking begins with the hacker gathering more general information. He or she collects a lot of information about many people accessing many systems, using personally created “Search” applications to find out about people accessing applications on the Internet. Depending on what they do, these programs are called such things as “bots”, “robots” or “spiders”.

While these programs collect information on the Internet and dump their findings into databases controlled by the hacker, the hacker looks for applications to break into, seeking out those with weaker security and vulnerabilities that can be exploited.

When vulnerabilities are found, the hacker writes additional code to exploit them and, combining it with the data gathered earlier, performs a “Hack” on a target application. More than one person can be affected by a single “Hack”. In fact, sometimes hundreds and even thousands of people can be exploited almost simultaneously. So hacking is not just one-on-one. These days, if something happens to one person, it is probably happening to many other people as well, and possibly you are included too.

These Hacks take time to build, but they are sophisticated. And the computers that many of us use are often quite vulnerable.

Here are some things you can do with a password to protect yourself and your data online.

  • Create strong passwords and use them in the applications you access online. A strong password is typically longer than 8 characters, contains uppercase and lowercase letters, and has at least one special character, such as @, #, $, %, etc.
  • The password should be random in many respects and should not contain information that can be easily related to you, such as part of your name, your address, the names of your children, the names of pets, etc.
  • Wherever you can online, enable “double authentication” features in applications that allow you to do so, especially when accessing sites that are important to you, such as financial sites or any site where you have left your credit card information.
  • Use different passwords for different applications. Try to avoid using the same password in different applications.
  • Minimize or avoid using the “Remember my password” and “Autocomplete” features on your computer. These are often stored in your cookies, which can be hijacked by a good hacker.
  • Change your passwords online regularly, especially for your important or financial sites.
  • On social networking sites like “Facebook”, be careful about the information you post. Some hackers monitor these sites for personal information that you may be using as part of your passwords elsewhere, such as children’s names. If you are using strong passwords online, this is less critical, but keep in mind that it goes on. If you are still using passwords that contain words you also use on your social media sites, these can be used to hack you.
  • Do not use sites that offer to test your planned passwords to see whether they are secure. Some of these sites may legitimately offer this service, but be aware of the risk and don’t use them. Every site you visit can record your outgoing IP address, so if you test password strength on a third-party site, it may record your IP address to find you in the future, and you are handing it the passwords you are thinking of using. It is not a good idea.

In short, I recommend that you take a look at all the sites you access online today and check the passwords you are using on them. Become strategic about this. For each site, ask yourself questions like:

  • Is this a strong password? If not, how should I make it more secure?
  • Can I configure double authentication on this site?
  • Am I using the same password on multiple sites?
  • When was the last time I changed my password for this site?
  • Is there any personal information in this password that others can discover and use against me?

By performing this exercise, you will improve your online security. It's worth doing.
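The checklist above can be run on your own machine, so no password is ever sent to a third-party testing site. The script below is an added example, not part of the original article: the account fields, the 180-day age limit and the sample entries are assumptions, and the character-swap normalization (so that "R3x" still counts as the pet name "Rex") goes a step beyond what the article describes.

```python
import re
from datetime import date

MAX_AGE_DAYS = 180  # assumption: the article says "regularly" but gives no number
# Undo common character swaps so "R3x" still matches the personal term "rex".
LEET = str.maketrans("013457@$", "oleastas")

def audit(accounts, personal_terms, today):
    """Answer the article's checklist per account; return {site: [findings]}."""
    sites_by_pw = {}
    for a in accounts:
        sites_by_pw.setdefault(a["password"], []).append(a["site"])
    report = {}
    for a in accounts:
        pw, found = a["password"], []
        # Strength as the article defines it: >8 chars, mixed case, a special character.
        if len(pw) <= 8:
            found.append("not longer than 8 characters")
        if not (re.search(r"[a-z]", pw) and re.search(r"[A-Z]", pw)):
            found.append("missing upper or lower case letter")
        if not re.search(r"[^A-Za-z0-9]", pw):
            found.append("no special character")
        # Personal information hidden inside the password.
        plain = pw.lower().translate(LEET)
        hits = [t for t in personal_terms if len(t) >= 3 and t.lower() in plain]
        if hits:
            found.append("contains personal info: " + ", ".join(hits))
        others = [s for s in sites_by_pw[pw] if s != a["site"]]
        if others:
            found.append("same password as: " + ", ".join(others))
        age = (today - a["changed"]).days
        if age > MAX_AGE_DAYS:
            found.append(f"last changed {age} days ago")
        if not a["second_factor"]:
            found.append("double authentication not enabled")
        report[a["site"]] = found
    return report

# Constructed sample data: every site, password and date here is invented.
ACCOUNTS = [
    {"site": "bank.example", "password": "R3x!Summer2019", "changed": date(2023, 1, 10), "second_factor": False},
    {"site": "shop.example", "password": "R3x!Summer2019", "changed": date(2024, 5, 1), "second_factor": True},
    {"site": "mail.example", "password": "vQ7#tle-Moz9&paK", "changed": date(2024, 4, 2), "second_factor": True},
    {"site": "forum.example", "password": "Dana1984", "changed": date(2024, 3, 15), "second_factor": True},
]
PERSONAL = ["Rex", "Maple", "Dana"]  # pet, street and child names (constructed)

if __name__ == "__main__":
    for site, found in audit(ACCOUNTS, PERSONAL, date(2024, 6, 1)).items():
        print(site, "->", found or "ok")
```

Keep a file like this only on a device you control and delete it after the review, since it lists every password in one place.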

That is all for now. Thanks for reading my article.
