All of us remember the tale of Alibaba and Forty thieves, where Alibaba protects the treasure with a secret passphrase to enter the cave “Khulja, Simsim”. But unlike Alibaba who just don’t have to remember more than one password, today password became an integral part of our lives. From social networking to internet banking, ATM Machine to Email’s, passwords are everywhere, which means we have to remember more than just “Khulja , Simsim”.
Why do I need a password?
Well, the answer is Internet. Today almost every individual has a virtual space online and it is very much important for one to make sure that only one can access the important and secret, Data and information, which is intended to be used by oneself only. This data could also be some financial information that can cause trouble if handled carelessly.
Okay! So why can’t I use a simple password or same password for my all online activity?
Passwords are our only defense for securing the online activity and a simple password, whether it be your name, your family member name or your phone number is an easy guess for the person who does not want to mind their own business! And if one uses the same password for all online activities, a compromise of one account affects all. So it is better to have a different password for each online activity.
So what’s the recipe for a hack-proof password?
There is nothing like a hack-proof password, Security measures never guarantee the 100% result, but they reduce the risk up to the acceptable level. However, there are
certain points which need to be taken care of before building a strong password.
1. A good password should be 16 characters long. Longer the better.
2. It should have uppercase, lowercase, numbers and characters.
3. There should not be any repetition and avoid the use of dictionary words.
4. Always try to club the password with a two-factor authentication for the second layer of security.
5. Follow the above three carefully.
I created a password even I also don’t remember?
After creating a password what most people do wrong is that they use the same password for all the accounts, Because of complexity to remember the different passwords. But there are various password managers available to rescue you. Password managers like LastPass, Dashlane, 1Password provides you to save the password for all your accounts and access that with a master password. So at the end, you only have to remember one master password. They even help you create a complex password also. Problem solved!
Wait! Websites still block the use of password manager!
Typically, Password Managers generate long, complex, and most importantly unique passwords for you, and then store them in encrypted form. All you need to do is remember one master password to access all others. Some companies say that disabling the pasting of passwords is a security feature that prevents password phishing as well as brute force attacks. Although the companies also give a reason that by doing so, they are helping their customers.
I followed all these guidelines and my account was still hacked! How did that happen?
Recently, Mark Zuckerberg's Twitter and Pinterest account were hacked, Sundar Pichai Quora account hacked, Jack Dorsey Twitter and Vine account hacked. Certain Porn sites also faced password breaches followed by the recent confirmation from yahoo accepting a massive data breach in 2014 that could have affected millions of user.
Apart from the user, website owners, as well as developers, also have to focus on enforcing a strong password policy on their user and do not allow them to sign up using a weak password. Just because users find it annoying to fulfill every criterion to set a password, developers often neglect the user safety with the user experience.
Great! But I still don’t like to remember those password or master password!
In near future there might be no need to remember password,The next time you’re at your computer about to access sensitive financial information about, imagine if you didn’t have to begin by remembering the password you created weeks ago for this particular site: capitals, lowercase, numerals, special characters, and so on. Instead of demanding that you type in a username and password, the site asks what you had lunch yesterday; at the same time, a device on your hand analyze your veins . The process not only provides a better user experience—it is more secure. Using unique information about you, this approach is more capable and robust than a password system.
Stay Safe, Stay Updated.
Read more of my blogs @ techiyappa.blogspot.com