Many people have lost their Facebook, Instagram, mobile money, Twitter, bank, etc accounts because they failed to take the necessary steps to manage their passwords. The following ways to manage and protect your passwords below provide an important guide everyone needs to take to protect their accounts and devices.
Due to the nature of their profession and lifestyle, African journalists run many emails, social media, journalistic tools, bank accounts, mobile money accounts, etc, that require heightened degrees of protection. This is not strange since journalists treat sensitive and confidential information and must ensure they protect their sources. However, journalists remain a significant target of cyberattacks since the sensitivity of some stories affects some personal or group interests. Consequently, journalists need to understand ways to manage and protect passwords and make them secure. Sources will be more confident sharing information with journalists if they know journalists protect their communications and prevent the release of their identities.
Here are 5 Ways to Manage and Protect Your Passwords
Password length
The first way to manage and protect your passwords is password length Generally, most systems (email accounts, online resources, social media accounts etc) require a certain length and mix of password characters. This ensures that users do not create passwords that are easily cracked or guessed. Despite this requirement, most people still use easily cracked and guessed passwords. For instance, some passwords read: Mom1234, Mother1975, or Admin1234. According to Kaspersky, an internationally leading cybersecurity firm, “hackers work through all possible combinations [of passwords] hoping to guess correctly.”
The catch with passwords is that most people form passwords based on what they can easily remember and long passwords are tricky and easy to forget. To solve the security risks associated with short passwords, Microsoft recommends that “passwords must meet complexity requirements.” Accordingly, Microsoft says “a minimum password length of 8, ensures that there are at least 159,238,157,238,528 different possibilities for a single password. This setting makes [an …] attack difficult, but still not impossible.”
The recommended 8 character password requires a combination of other factors to make it strong. For instance, one must remember that the 8 character password is only a minimum, meaning the password could be longer than 8 characters and should “include letters, numbers, and special symbols.”
Many people are used to passwords and usually write words they can remember. Most times, these words are easily guessed and conjectured. The Password generator is emphatic and advises we should avoid passwords with less than 6 characters or using dictionary words because “experienced hackers can easily crack them.”
Passphrases
The second way to manage and protect your passwords is using passphrases. Although many people are used to passwords and may find passphrases new and a little complicated, passphrases are easy to remember and more difficult to guess. A passphrase is simply a sequence of words or other characters, more than one word that one can use to access his or her account. Although passphrases are stronger than passwords, Proton says that “a 20-character password consisting of random lower-case letters is much stronger than a four-word passphrase composed of common words.”
Passphrases are more user friendly because they could “be anything from a song lyric, favorite quote, personal motto, or inside joke – making for a memorable and easily typed passphrase.”
Considering that “password” has become the generic and more well known term for the secret code that users must know and use to access their accounts, I will continue using password throughout this blog article.
Password Generation
The third way to manage and protect your passwords is by using password generator. Since the advent of the internet to Africa that generated the use of accounts that require usernames and passwords, most Africans have relied on their mental strength to choose passwords. While these processes help people generate passwords they can remember, it is not effective because it leads to easily memorable passwords that are easily attackable.
Recently, different online systems have started generating passwords. These passwords are generally strong, complex and difficult to crack.
Many password generators exist. A few examples include:
Google Chrome Password Generator
Password storage and management
The forth way to manage and protect your passwords is password storage and management. The multiplicity of accounts that require passwords require effective password management and storage processes that maintain a password’s security and confidentiality. It is important to note that poorly managed or stored passwords risk compromising the confidentiality, integrity and availability of information stored in those accounts.
Password management involves practices that protect unauthorized people from accessing individual passwords. To effectively store passwords and keep them away from hackers and others, it is important to use password managers.
Before sharing a list of password managers below, it is important to highlight the following:
Never write down passwords. I know people who keep a journal of passwords and write all their passwords in these journals. This approach to storing passwords is very dangerous because once the password journal is gone, someone can easily break into all your accounts. Likewise, do not write passwords on anything.
Never use one password for multiple accounts. As discussed above, the multiplicity of accounts forces many people to use one password for many accounts for easy management. This is a huge security risk because if a hacker breaks into one account, the hacker will eventually break into all your accounts.
Never store passwords in a browser. Storing passwords in browsers is a very convenient way of opening your computer or your phone and picking up from where you ended. However, the risks are enormous. Consider your laptop is stolen or seized from you because you are investigating an issue and writing a story while all your passwords are stored in the browsers. What do you think will happen to your accounts especially if criminals were chasing you for the story or the investigation?
It is best to store passwords in a password manager. Here are a few examples of password managers:
Multi-Factor authentication
The fifth way to manage and protect your passwords is by using multi-factor authentication. The multi-factor authentication (MFA) is a system where a user is compelled to provide both the password and another verification method before gaining access to an account. According to CISCO “MFA requires means of verification that unauthorized users won’t have. Since passwords are insufficient for verifying identity, MFA requires multiple pieces of evidence to verify identity. The most common variant of MFA is two-factor authentication (2FA). The theory is that even if threat actors can impersonate a user with one piece of evidence, they won’t be able to provide two or more.”
With Multi-factor authentication, if a scammer or hacker breaks your password, the person will still require another level of verification to get access to your device. For instance, the device will send a token, a one time PIN, a text message, or a request for approval on your device for approval to gain access to your device. As a user, you must be conscious and aware of the security disposition you have set for your device. Once you receive a request for authentication through your phone as a text message, phone call, pop up notification, or some other system of verification, you must not validate or approve the request unless you initiated the process by using your password.
Conclusively, the United States Cybersecurity and Infrastructure Agency advises that enforcing the MFA system keeps journalists and everyone else safe since the MFA system makes it more difficult for scammers and hackers to break into your account. In a previous post, I explained why journalists and small businesses in Africa must prioritize cybersecurity protection.
So here are the 5 ways to manage and protect your passwords in order to stay ahead of attackers. Let me know in the comment section, which of these ways have you used to manage and protect your passwords?
Kindly subscribe to my newsletter by clicking on this link:
I will like to hear from you:
Do you have an experience to share about losing your password?
Great, thanks indeed
Very timely Mr Bernard. Anyone using a computer, smartphones or tablets needs this information.
Your project comes at a point in time when many have been victims to hackers, leading to the lost of valuable data such as research works, emails, and music. A very common phenomenon is the theft of bank account information, money.
Pingback: Lessons from a cybersecurity training and awareness session in Cameroon (Part I) - Afri-Transformers
Pingback: Cybersecurity Awareness for African Journalists