With recent breaches in mind, many may be wondering, “What can I do? How secure is my password? It’s all so complicated! Is there any way to stop this occurring?”
Yes, there are things any user of technology can do to improve security, but first let’s put this big mess into perspective.
You have probably heard the old adage that an accident is never due to one event or issue; it is always a string of events or a number of issues, actions or inactions that lead to the accident.
In the same way, some of the most complex security breaches were initiated by the simplest of security mistakes.
Cyber Threats and Security Clue # 1
We all remember the Mission Impossible scene where Ethan Hunt is hanging by a couple of spider’s web strands made of ‘unobtainium’, a few feet off an alarmed floor, wearing some super cooler suit so his body heat doesn’t trip the temperature sensors, trying to steal information from a computer in a biometrically locked room inside a super secure government facility.
In reality Ethan would walk up to the door and say “Hello Mate! I’m from Security. Can I look at your key please?” He would then slip through the unlocked door, handing the key back, and say, “It’s all OK. Don’t worry. Everything is fine. Relax. I’ll be back soon.”
And he would disappear.
That is called Social Engineering.
It used to be talked about a lot, but it has been lost in the mass of jargon and buzzwords that we hear nowadays. That’s a shame, because Social Engineering still works very well and a lot of people are unaware of that.
There’s a clue here somewhere.
Cyber Threats and Security Clue # 2
During World War II the Germans used a machine that was code-named Enigma.
This machine was used to encrypt the radio traffic that the German army, navy and air force used to communicate.
Despite having obtained an Enigma machine, the Allies were still having trouble breaking the codes in a useful time frame. That was until a German cypher clerk made a very simple and monumental mistake.
The clerk reused an old passphrase or key. That was all that was needed to crack the code.
Hmmmmmm. A clue here somewhere too?
Actually getting in the door undetected should be the difficult part, but we make it easy for the bad guys when we don’t protect our passwords, when we reuse old passwords, when we use the same password for most of our accounts, when we use simple passwords and when we trust someone we shouldn’t. Again, we should ask, “How secure is my password?”
If you want to play your part and help protect against attacks, remembering the above information and adhering to these basic rules will add much-needed depth to your defense. I can’t promise you immunity, but I can tell you that these simple acts will raise your odds of avoiding a breach, and that should provide some assurance.
Tips to help you out
- Don’t give out your password.
- Don’t use the same password again and again.
- Don’t use the same password for most/all of your online accounts.
- Don’t use simple passwords.
- Don’t trust anyone you don’t know very well.
- Do use a password manager utility.
- Do use special characters, numbers and both cases in your passwords.
- Do tie your password to a memorable word, phrase or event, which will allow you to increase the complexity.
- Do ask yourself, “How secure is my password?” Take 10 minutes to think about and jot down memorable words that you can harden.
If we are going to move to the cloud, and we are, educated users will be essential. Of all the things one can do to help out, knowing more is probably the single most important. Knowledge is power! Francis Bacon said that. Then again, so did a lot of people. But that doesn’t make it any less correct!