Africa-Press – Eswatini. We are on the fourth week of the National Cybersecurity Awareness Month and the focus has been about equipping individuals and organisations to make smarter decisions at the office, home, or even at school.
Cybersecurity is all about people’s behaviour; they may either be the strongest or weakest link. Every user of the internet has a big role and responsibility. One element that is key to security is password protection. It is widely talked about and the assumption is that everyone knows what to do, but reported incidents show that it is not used correctly to protect information; at personal level and within organisations.
Password protection is the process of protecting information using a private code. Only people with authorisation can gain access to information that has been protected. At organisational level, passwords are commonly used to gain entry to networks and various Internet accounts to authenticate the user requesting access.
Therefore, it becomes crucial that password protection policies are put in place within organisations to guide employees on the creation, storage and management of passwords.
Passwords are the first line of defense against unauthorised access of online accounts, devices, and files. Strong passwords help protect data from bad actors and malicious software. The stronger the password, the more protected the information will be. Using weak passwords is not safe.
Again, at business level, passwords remain an effective solution for identity-based access control of digital assets when considering cost, security benefits, and ease of use and management.
Password security systems are used not just to protect data but also to verify and establish identity for personalised features and account access. Stolen credentials are commonly used by cyber attackers to deliver malware. For this reason, it is important to adopt password security best practices, such as multi-factor authentication (MFA)
The challenge is that the average user now manages more passwords than ever before, and with so many online accounts, password fatigue is an avoidable reality. It is tempting to use simple passwords or the same password for several accounts instead of creating unique passwords for each account. Password complacency, however, can lead to devastating consequences for individual users and businesses.
For individuals, the loss of valuable personal, financial, and medical information can have long-lasting financial and reputational repercussions. Victims may find themselves losing time and money just to recover their good name and get their lives back on track. When cybercriminals gain unauthorised access to an organisation’s data, the consequences can be severe.
Businesses can experience a significant loss of revenue, intellectual property, and disruption to operations, as well as incur regulatory fines and sustain reputational damage. Hackers are becoming increasingly sophisticated in the way they steal passwords.
Bad actors use the following tactics to steal passwords;
t Brute force attacks – a method that uses trial and error to crack passwords and gain unauthorised access to accounts and systems.
t Credential stuffing – the automated use of stolen usernames and passwords to gain unauthorised access to online accounts, is another tactic used by attackers.
t Dictionary attacks – trying to break a password by entering every word in the dictionary and using derivatives of those words with character and alphanumeric replacements.
t Key logging – the use of a software program to track a user’s keyboard strokes to steal PINs, credit card numbers, usernames, passwords, and more.
t Malware – malicious software designed to harm or exploit computer systems and, in many cases, steal passwords.
t Password spraying – this is the use of a single password against many accounts to avoid account lockouts and remain undetected.
t Phishing – tricking users into sharing their credentials with hackers impersonating legitimate institutions and vendors.
The best way to protect against password hackers is to use strong and unique passwords on all devices and accounts. Be skeptical about links and attachments. When in public spaces, shield paperwork, device screens, and keypads from view to keep criminals from stealing passwords by looking over your shoulder. Another important prevention measure is to avoid accessing personal and financial data with public Wi-Fi. Where possible, install antivirus and antimalware software on your devices.
Strong passwords can help defend against cyber-attacks and lower the risk of a security breach. They are typically long and include uppercase letters, lowercase letters, numbers, and special characters. Strong passwords should not have any personal information.
Follow these guidelines to create strong passwords:
t Use at least eight to 12 characters.
t Use a combination of letters, numbers, and symbols.
t Use at least one uppercase letter.
t Use a different password for each of your accounts.
When used properly, password security can be very effective and plays a key role in multi-factor authentication (MFA). However, inattentive user behavior and insufficient protection of credentials by enterprises can be a cause of damaging security breaches. The first password systems assumed that users would memorise their passwords, which would create a secure form of password management.
However, passwords have proliferated in home and work life and have also become more complex. Users have too many passwords to remember and often reuse passwords, hence, why organisations must have cybersecurity policies to protect both their employees and company data.
For More News And Analysis About Eswatini Follow Africa-Press
