Remember the last time you had to recover access to an account by resetting your password. Maybe it was last month, week, or maybe it was today. Now remember what you had to do: use uppercase, lowercase, and special characters. Don’t reuse your favorite root password, don’t use a real word because it is easily guessed. Make sure it’s at least 9 characters in length. Are you experiencing password fatigue yet?
People have been experiencing password fatigue for years. When your employees give up on good password hygiene, they give up on best practices and fall back on common bad habits. This article outlines a free for personal use tool that will improve your security and reduce your password stress. It might even free up enough time to setup two-factor authentication on your most critical online accounts! Let’s start by looking at why passwords matter so much and the problems we all face with them.
Billions of Breached Passwords exist online
HaveIBeenPwned.com reports more than 8 billion compromised email accounts (often including compromised passwords). In the past, Yahoo lost more than 500 million user accounts and passwords; DropBox and Linked-In lost millions more. What makes these millions of breaches so damaging, is that so many people re-use their passwords. Alternatively, people re-use predictable password roots, appending a prefix or suffix to that root password. Both practices put you at risky. Hackers exploit the fact that most people re-use passwords or have predictable prefixes and suffixes on common root passwords!
Why are Passwords so Important?
Once a hacker sees your username and password in plain text, can they then log into your online email or Virtual Private Networks (VPN) account? They can if you have a predictable or re-used password on either one. Once inside your email account, hackers have breached one of the most critical accounts you have.
Your online email account can be used to reset passwords at many other online accounts. It’s simply a password recovery request away from the hacker! Additionally, email accounts are a treasure trove of social engineering material to attack your friends and family! Finally, as reported in CyberHoot’s Domino Attack Article, hackers are now crafting exceptional powerful phishing campaigns by targeting users they find inside your email account. Hackers send phishing attacks directly from your email account or from a look-alike domain name they create. If successful, they then break into your friends, family, and business partner’s email!
Does this all sound hopeless to you? Fortunately, it truly is not hopeless if you learn to use a Password Manager. Let’s take a look at what a Password Manager is and does. CyberHoot views this skill as important as knowing how to type!
Learn a Password Manager to Ease Password Fatigue
Every cybersecurity professional will tell you to use strong unique passwords at every online account you own. Unfortunately, most people cannot remember more than 3 to 4 strong passwords. Creating more simply leads to password fatigue. There is a simple solution. This seemingly impossible task becomes easy when using one of the many free (for personal use) password managers. Many password manager options exist but CyberHoot recommends one of the following as we’ve used and reviewed their features in detail: LastPass, 1Password, and Dashlane.
The Power of Synchronization
Password Managers automatically synchronize all your accounts between smartphones, laptops, and tablet’s. A web browser plugin monitors your login activity and prompts you to save your credentials whenever you authenticate into a new website. Your username and password for the Domain (or URL such as gmail.com) is stored in an encrypted password vault. Each tool mentioned includes a random Password Generator you can use to create new, strong, and unique passwords. Over time, you will begin replacing your re-used passwords with randomly generated ones. Doing so will make you more secure, effective, confident, and efficient.
Call to action: Download and start learning and using a free password manager today. This skill is as important as learning to type is! Regardless of your technical skill, if you put in even minimal effort, within 3 to 4 months, you will become proficient, secure and much more productive.
Author, Craig, Co-Founder – CyberHoot