It’s the end of the week, and while many of us are ready to kick off the shoes and let the weekend begin, we feel like it’s worth checking out some password tips to end Privacy Awareness Week, which has been running all week, but has probably been ignored by most people.
Security tips in general can fall by the wayside, but keeping your personal life and information exactly that — personal — is one of the most important things you can do, because you’d never want your life to fall in the hands of someone who could potentially exploit it and make things harder or worse off for you.
This week, Trend Micro’s Tim Falinski checked in with GadgetGuy to let us know that on average, Australians are using less unique passwords than they should be, with roughly one password for every five accounts, an issue that could make it easier for scammers to target their accounts.
Furthermore, plenty of us aren’t using passwords on our devices, such as our phones, tablets, or computers, putting these further at risk.
And why is this the case?
“There are two reasons that consumers say most frequently,” said Falinski, telling GadgetGuy that”it isn’t convenient to have a one and there is just ‘no need’”.
“These two reasons can both be traced back to consumers generally being unaware of the privacy risks that are a result of not having their device password secured,” he said.
Adding a password to a computer is a relatively painless task, and so people are advised to make sure their smartphones and computers have something on them, lending a bit of security to the equation. This is helped even more with concepts like fingerprint security, as the fingerprint itself is a form of security, with a backup passcode also being part of the system, forcing two types of security to your device.
But this is only one part of the equation, and passwords on your computer need to be both stronger and better protected themselves.
Stronger passwords are a bit of an issue by themselves, though, partially because to make them stronger, you need to make them longer with complicated uses of uppercase and lowercase letters, with numbers and other characters thrown in for good measure.
We’ve mentioned in the past that one way to come up with stronger passwords is to use a common set of variables for the first half of a password — such as something you like and some numbers, say “PineappleSorbet88” — followed by an exclamation mark — “!” — and then the initials of a service you’re using. With that example, logging into Facebook could be something like “Pineapple Sorbet88!FB”, with a little difference in a Google Mail password adding another exclamation mark, resulting in something like “PineappleSorbet88!GM!” just to make things different.
You might even want to replace common letters with numbers, such as an “o” with “0”, and an “e” with “3”.
That being said, Falinski is recommending a password manager, since it will mean a tool can help come up with random passwords for you, and then push them out when and where you need them. This isn’t going to be ideal for all people, mind you, and if you jump around to lots of computers, committing passwords to memory — even common ones with various changes on a service by service basis — might actually result in something easier for you.
But Falinski says there’s one area that definitely should be looked at, and it’s browser storage of passwords.
“Cybercriminals know that users love the convenience of the ‘remember password’ option, so they have developed ways to steal your passwords through it,” said Falinski.
“One example of this is ‘cookie-jacking’ where cybercriminals take control of your browser cookies and use them to access your accounts,” he said. “Cybercriminals know where browsers keep these files, which generally have low levels of encryption, making it a popular target.”