Cybercrime is rampant right now, but you can take action to protect yourself and your business from it.
A hacker can crack your password faster than you can sit back down. Many websites and companies recommend changing your password every 90 days, and back in the 90s and early ’00s, creating an eight-character password was the norm! Let’s say you have an eight-character password that contains numbers, upper and lowercase letters and symbols: it would take just 39 minutes to crack!
Not that long, right? So, let’s imagine you have an eight-character password using just numbers, no upper or lowercase letters or symbols… a hacker can crack that almost instantly! That’s a significant change from 90 days!
A vast array of options can help improve your password protection to combat cybercrime and other attempts to hack into your devices and accounts. Let’s go through some of them.
1. Password Managers
To protect your privacy and security, use a password manager to create and remember different, complex passwords for your different online accounts. We love to use password managers. Some great ones are LastPass and 1Password, but Google Chrome and Safari offer similar services too. Both can generate passwords, monitor security breaches, suggest changes to your weak passwords, and sync passwords between your different devices.
While we’re here, take this opportunity to change any passwords for devices in your house. So, if your smart light bulbs or security cameras have your pet's name or “1234” as their password, change them. And if you don’t believe us, maybe Michael McIntyre might convince you!
2. Two-factor Authentication
If you want to protect yourself from online attacks, you should use two-factor authentication. Many social networking sites offer two-factor authentication, so you might have previously encountered it. How does it work? Well, it requires two steps: enter your password, followed by a number you can access. Let’s take Meta (Facebook) as an example. First, you would log in with your username/email address and password. Meta would then text or email you a temporary code to log in.
3. Zero Trust Model
According to Infosecurity Magazine, a Zero Trust Model had been implemented by over 15% of organisations at the end of 2019. So, what is it? Zero Trust is a digital security approach that limits access to sensitive data. Zero Trust, by default, does not trust anything, including users, devices or accounts. This approach requires a company to verify and authorise every connection into and throughout its business. Check out five steps to building a Zero Trust Network here.
4. Go passwordless
Passwordless login methods use a token or some other method like a smartphone or biometrics to verify the individual’s identity, making it easier and safer for your employees at work.
Biometrics: Physical traits, like fingerprint and retina scans, and behavioural characteristics, like typing patterns and touch-screen dynamics, are used to identify a person. Even though modern AI lets hackers spoof certain physical traits, behavioural characteristics are much harder to fake.
Possession factors: Authentication via something a user owns or carries, for example a smartphone authenticator app, a hardware token, or an OTP (one-time password) sent via SMS. Here at Spark, we foster a security-first approach and partner with Okta to use their ID management software, and SSO helps us with that!
Magic links: The user enters their email address, and the system sends them an email with a link, which will grant them access!
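The magic-link flow described above, seen from the server's side, as an added example (not code from this page or from any product it names). It shows the properties that make such a link safe to email: an unguessable token, a short lifetime, and single use. The class name, the 15-minute lifetime and the `login.example.test` address are assumptions made for illustration.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime; the page does not specify one


class MagicLinkStore:
    """In-memory stand-in for the server-side table of pending login links."""

    def __init__(self, now=time.time):
        self._pending = {}  # sha256(token) -> (email, expires_at)
        self._now = now     # injectable clock so expiry can be tested

    def issue(self, email):
        """Create a single-use token and return the link to email to the user."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        digest = hashlib.sha256(token.encode()).hexdigest()
        # Store only the hash, so a leaked table cannot be replayed as logins.
        self._pending[digest] = (email, self._now() + TOKEN_TTL_SECONDS)
        # Placeholder host; a real deployment would use its own HTTPS origin.
        return f"https://login.example.test/magic?token={token}"

    def redeem(self, token):
        """Return the email address the token was issued to, or None."""
        digest = hashlib.sha256(token.encode()).hexdigest()
        # pop() deletes the entry on first use, valid or not: single use.
        entry = self._pending.pop(digest, None)
        if entry is None:
            return None  # unknown or already used
        email, expires_at = entry
        if self._now() > expires_at:
            return None  # expired
        return email
```
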