Passwords. Aren’t they really the bane of everyone’s lives? Authentication is important. It keeps us safe. It keeps our data safe. It stops unwanted sources gaining access to our most personal information. They are a pain though. Obviously, remembering them is often an issue but it’s hard to get one right in the first place nowadays with sites and services requiring a variety of characters to be included before you even get to a point where you can sign up.
Then there’s the CAPTCHA requests once you’ve logged in to ‘prove you’re human’. If you’re like me, then there may well be a few times a week where you doubt your humanity in the face of an increasingly digital world… I hope you get my point!
Today is ‘World Password Day’. Recent years have seen companies such as Google, Apple and Microsoft showing a bit of corporate social responsibility, particularly Apple in relation to Privacy, but also in relation to helping keep us safe and secure with our passwords. When I open my Safari browser, for example, it tells me if any of my passwords have been compromised in any data breaches and helps me to change those that have issues.
According to many sources, Google Chrome takes the lion’s share of the browser market and it has some great options for supporting the protection of your passwords too, particularly if they’ve been compromised. To find out if you’ve got any issues, simply head to your Chrome settings, choose ‘Safety Check’ from the left hand side option and choose ‘Check Now’ to see where you are. If you have any issues, simply choose ‘Review’ next to where it shares your compromised passwords and get them changed!
What does a good one look like?
So, whilst it’s important to have a secure password, data breaches happen all the time. It’s the nature of the beast and, unfortunately, it’s highly likely to happen to all of us. Using tools such as these in our browsers will help us to know if there’s been an issue – but how do we both create strong passwords, and then remember them?
Well, hopefully, unlike many out there, you won’t have a little notebook with ‘Passwords’ written on the front (and a quick search of the web will bring up plenty of notebooks for that very purpose), but there has to be a better way of remembering them too.
Creating a secure password
The website, howsecureismypassword.net highlights how quickly certain passwords could be compromised (although for security reasons, I wouldn’t enter any real passwords on to the site!).
For example, if I type in a password such as “triangle” it tells us that the password could be cracked ‘instantly’. We can make it a bit more secure by adding a capital ‘T’ but even that would only take a standard PC 22 minutes to crack. We can take it further by replacing letters for numbers. So, if we tweak our password and change it to “TrIangl3!” that certainly makes it a bit more difficult to crack (3 weeks!) but, given the scale at which some organisations will go to so they can crack these things, there is more we can do.
Compromised passwords accounted for 80% of data breaches in 2020 according to this article, so clearly, creating a secure password is really important. The article also highlights the need for people to recognise that password-secured data, by itself, isn’t that secure.
We can take some of these steps to help make our passwords secure:
- Use at least 16 characters
- Combine text, numbers and characters in non-linked sequences
- Don’t reuse passwords on other sites
- Don’t use any identifiable information, such as your phone number
- Don’t include consecutive numbers or letters or those in order on your keyboard such as QWERTY
What else can I do?
Many sites and services now offer a feature known as 2FA, which is two-factor authentication. This means that when you try to log in to an account on a website or platform such as Twitter, not only do you need to enter your password, but you additionally need to respond to another prompt. Sometimes that can be your Face ID, or a text message with a code in it, sent to your registered phone number. This can slow logging in times down, certainly, but compared with the alternative, a few extra seconds to wait before you log in is worth the effort.
Protecting school data
According to IBM, the average losses to businesses internationally from data breaches in 2020 was $3.86M, with the US average being much higher at $8.64M. It often doesn’t feel this way to educators but schools are businesses and our student data is both highly important and highly valuable to those who might seek to misappropriate it.
As you can see from this recent report, “Cyber Security Breaches Survey 2020” and the ‘Education Institutions Findings Annex’, schools are absolutely targets for these kinds of activities.
Reminding ourselves of the adage that often, the problem with technology lies somewhere between the keyboard and the chair, we ultimately need to take responsibility for these breaches ourselves and take more care over the passwords we create, how we keep them safe and secure, and the lengths we go to in order to maintain that security.
NetSupport DNA can help to keep your school or MAT network secure in many ways, including keeping data secure, providing a safe learning environment and more. Find out more here.
For regular updates on these issues, we also recommend checking out the work of Alan Mackenzie, known as the e-Safety Adviser. Find him at https://www.esafety-adviser.com/ where you can also subscribe to his ad-free half-termly newsletter, ‘DITTO’.