With more and more people spending time on the internet each day, there is certainly nothing wrong with taking security measures to prevent unauthorized users (also known as hackers) from invading their privacy and tampering with their computers.
"In the first half of 2019, data breaches exposed over 4 billion records. Moreover, a recent study found that hackers attack every 39 seconds — that adds up to, on average, 2,244 attacks per day ."
(HubSpot, 2020) (Source: https://blog.hubspot.com/marketing/cybersecurity)
To protect cyber security, most internet sites nowadays offer users the ability to perform two-factor authentication - Officials from Facebook even remind their users of this feature while working on their platform.
Two-factor authentication is a simple process that involves something that the user knows (username and password) and something they own, which they know (mobile phone, USB device). When the username and password are matched, allowing the user to login to the account, a one time password will be sent to their mobile phone which will automatically log them in without any further input or action by the user.
Of course, performing two-factor authentication is easier said than done. First of all, one has to remember that complicated passwords are more vulnerable to hacking. Also, if one performs two-factor authentication, they probably know that their password is likely to be kept on their account at all times. Therefore, hackers may easily guess most of your passwords as your one time password, hacking into your account with ease.
As a result, it is recommended to perform two-factor authentication only when necessary. For example, if you have performed a transaction through your bank and you have keyed in your login credentials, it is important to sign out from your bank's website-especially if they are asking for one time passwords. By signing out of your account, you are preventing hackers from using your password to gain access to your online accounts.
However, two-factor authentication may not be sufficient to protect your passwords. A lot of web applications these days, ask users to remember different passwords for different accounts. Examples include email accounts, online gaming accounts and shopping carts. While it is highly convenient to keep the same passwords for different accounts, it is also one of the many ways cyber criminals work to steal users' passwords. So it is imperative to keep a few different passwords for different accounts to prevent hackers from attacking all your accounts. Remember that hackers today are actually using data recovery software to recover stolen data. Some, known as data recovery companies, are flooding the internet with ads offering their services to recover stolen data.
Minimizing the Risk
Using a combination of numbers, symbols and caps in your passwords greatly reduces the chances of being compromised. Do not forget to add numbers, headers and punctuation marks to your passwords to make it harder for a hacker to decipher your password. Using a complicated password with a mixture of capital letters, small letters, numbers and symbols also substantially reduces the chances of a hacker guessing your password.
While making your password difficult to guess may sound negative, making it difficult for a hacker to break through is precisely what you want. You will spend hours creating a password that nobody can guess. Then, you will discover that no matter how hard you are working to create the perfect password, it still cannot stop a skilled hacker from breaking through your defenses and gaining access to your personal information.
The paradox is that while making your password difficult to guess may decrease the chances of successful hacking, making your password easier to remember substantially increases the chances of being attacked. This is because our minds tend to fill in random words and patterns, regardless of the kind of system we are using. And because our passwords remain the same, even if we use different passwords on different systems, we also have to remember those passwords. This is not a desirable experience for either us or the password we are creating.
Is there a way to combat this problem? Yes, password complexity can be made more difficult without significantly affecting the overall security of the system. There are several ways to make a system more secure without making it easier to hack or adding unwanted features. One of the most commonly used ways is to add lists of required letters and numbers to the upper and lower case letters.
