Monday, February 6, 2023
  • Advertise With Us
  • Write For Us
  • Contact Us
  • About Us
  • Editorial Calendar
Download Latest Issue - Free!
The Cyber Express
Ransomware Report
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Features

Best Password Hygiene Practices to Protect Your Data

Editorial by Editorial
August 8, 2022
in Features, Firewall Daily, Research, Vulnerabilities
3
best password hygiene, password hacking, cyber express news
586
SHARES
3.3k
VIEWS
Share on LinkedInShare on Twitter
Listen to this story

Passwords are a way to secure online accounts against hacking and prevent unwanted access to malicious actors. A strong password can avert or completely stop cyberattacks. Maintaining password hygiene and creating strong passwords are essential to keep accounts safe.

However, creating a strong password can be tricky. People tend to keep simple passwords so they can easily remember them. Welcome, abc123, password, 12345, iloveyou, tomcat, 111111, Qwerty, admin, and princess are among the easiest passwords kept by people, and hackers are aware of this. Most websites ask users to create a strong password that combines uppercase and lowercase letters, numbers, and alphanumeric characters. Still, many accounts get easily hacked.

You might also like

Hollywood and its Quest with Nailing Hacking Depictions

Internet Censorship and Freedom of Speech

Voice Networks are Under Attack – is Anybody Listening?

What is password hygiene?

Cyber hygiene practices include keeping passwords safe to protect online data from being stolen or misused. It is a part of maintaining and safeguarding passwords to avoid misuse of user data. A hacker can access a user’s online data through stolen credentials or hacking using the weakest passwords. Basic password hygiene principles help avoid cybercrime and compromise of one’s online information.

Practices like creating strong passwords by following standard password-making protocol and regularly changing passwords can help maintain password hygiene. Not punching one’s password openly so it is not visible to others and not noting down one’s password on sticky notes and placing them near the device are among best practices in maintaining password hygiene.

Data theft techniques

Hackers use various tools to hack accounts like a keylogger that logs keystrokes and trojan horses that offer the desired file type for free while employing the malware to steal system data. Hacking and remote administration tools connect to the victim’s system and capture what is on their screen. Statistics state that about 81% of company data breaches occur due to poor passwords, 80% of hacking was done using stolen and reused login credentials, and about 555 million stolen passwords have been posted on the dark web since 2017. Another research states that 59% of users reuse their passwords in all their personal and professional accounts. Offices can use advanced technology to secure their passwords, like Enterprise Password Manager (EPM).

Creating strong password

Whether passwords are for personal accounts or professional accounts, it is advised to use strong passwords that have a minimum of 12 characters; a 14-character password is considered vital, passwords that are not repeated on other accounts, a combination of letters that do not form actual words, has a variety, characters and numbers and one that does not include the account holder’s first, middle or last name.

The National Cyber Security Center (NCSC) suggest that users must create a password that has three random words. This would make the account less vulnerable. Using password generators is found difficult to be reproduced by hackers.

Passphrases in place of passwords

A passphrase is known to be more challenging to crack than cracking a password. Passphrases are longer than regular passwords, with a minimum of 15 characters. They usually have 22 characters and contain upper-case and lower-case letters, numbers and at least one punctuation character. A passphrase never includes words relating to the user’s personal information. Passphrases have better chances of not getting hacked. Users can use passphrase generators, too, as their apps generate complex passphrases.

Staying secure with one-time passwords

One-time passwords (OTP) are a great way to avoid having a single password or passphrase that could be hacked. One-time passwords expire within a few seconds or minutes and thus cannot be used by another person to hack into accounts. Moreover, OTPs are sent on a device like a phone or via emails, limiting the account’s audience. The benefit of relying on OTPs is not having to remember a long password. A time-bound password sent to an account or device adds another protection layer.

Changing passwords

Regularly changing passwords is a good habit to secure one’s accounts from hacking attempts and those who keep a tab on someone’s online history. Cybersecurity experts argue that changing the password every 2-3 months is safe. It is upon the user’s discretion to change their passwords if they notice any suspicious activity online. Not sharing password details with anyone is a must, or it can reach unwanted hands even through trusted contacts. If one must share their password during an emergency, changing the password again soon after the work is done is advised.

Jotting down passwords

Remembering passwords can be a task, especially when one has more than one account. Not making a note of the password on the same device or account is advised as it leaves room for easy access to confidential credentials. Making sticky notes of passwords makes the user vulnerable to hacking that may or may not be done with malicious intent. Being lazy in creating and remembering a strong password is among the reasons for data theft.

Additional security features

Using a security question if this option is available can increase online protection. However, it is essential not to use a question-and-answer sequence that the user’s contacts can predict. Random answers to questions can distract hackers and leave them astray. Changing the security question over a few months is also a smart practice, especially if one sees unread emails showing as ‘read’ in the account. Multi-factor authentication is also a secure way to create a password that qualifies as a strong password by following the three criteria. The criteria include using biometrics like fingerprint, iris or facial recognition, an email address to log in, a username and password combination, or a pin.

Two-step verification

Some other measures to secure online accounts are using the two-step verification option. Also called two-factor authentication, this method requires authenticating login attempts using a connected device. It can be activated on select websites and devices using the “Security” option in the account. Users are sent prompts whenever someone tries to log in to their device. Upon receiving the prompt, the user can allow or deny login. Opting for receiving login notifications on another device is a great way to keep a tab on login attempts. Moreover, some accounts also have the feature of showing how many devices that account logged into. Users can log out if they see a device they don’t recognize. Showing login time is also a feature some websites offer. It is worth the while of a user to investigate specific features and options websites provide to secure their accounts. Most websites are directed by authorities and cybersecurity regulations to update their security protocol. An alert user must look for all these options to secure their online accounts and data.

Using password generator

Using applications to generate passwords is an excellent way to avoid using common words that come naturally to the user. Password generators can create complex passwords that users can use. It shows password strength to help users decide if they want a stronger password from what was generated. Since password generators use a pseudo-random algorithm that uses a sequence called ‘seed’ to create random and unrelatable passwords, users are offered passwords that they have rarely used.

There are several ways a user can do to prevent hacking and data theft. Creating a strong password for every account and changing them when something seems amiss is judicious. Creating a strong password is not just required to protect login credentials and user information but also to safeguard savings in the bank and investments.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: cyber expresscyber express newsCyberattackhackingpassphrasepassword generatorPassword Hygienestrong password
Previous Post

North Korean Hackers Use Coinbase Job Offers to Target Fintech Employees

Next Post

Jacksonville Sheriff’s Office Hit By Suspected Cyberattack

Editorial

Editorial

The Cyber Express is a publication that aims to provide the latest news and analysis about the information security industry. The news comes from a variety of sources and is updated regularly so that readers can stay up to date with the latest happenings in this rapidly growing field.

Related Posts

Hacking depiction in hollywood
Features

Hollywood and its Quest with Nailing Hacking Depictions

by Editorial
February 5, 2023
Internet Censorship and Freedom of Speech
Features

Internet Censorship and Freedom of Speech

by Editorial
February 5, 2023
Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

by Editorial
February 4, 2023
Firewall Daily

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

by Ashish Khaitan
February 4, 2023
Dominic Alvieri
Firewall Daily

After Hive, Will More Ransomware Groups be Taken Down in 2023?

by Vishwa Pandagle
February 4, 2023
Next Post
Jacksonville Sheriff’s Office Hit By Suspected Cyberattack

Jacksonville Sheriff’s Office Hit By Suspected Cyberattack

Comments 3

  1. Pingback: Is Your Personal Data Safe on Mental Health Apps?
  2. Pingback: Hackers Use Android Spyware ‘Dracarys’ In Cyber Espionage
  3. Pingback: Plex Data Breach: Users Asked to Change Passwords

Latest Issue is Out. Subscribe Now

Ai in Cybersecurity - Cybersecurity Magazine by The Cyber Express

Download Now



Follow Us On Google News

Never miss an update. Subscribe!

* indicates required

Recommended

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

February 4, 2023
GoTo Confirms User Data Stolen With Encryption Key

GoTo Confirms User Data Stolen With Encryption Key

January 27, 2023

Categories

Don't miss it

Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

February 4, 2023
Firewall Daily

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

February 4, 2023
LockBit. Ion Group
Cybersecurity News

LockBit Claims Ransom From ION Group, Firm Declines To Comment

February 4, 2023
Dominic Alvieri
Firewall Daily

After Hive, Will More Ransomware Groups be Taken Down in 2023?

February 4, 2023
McEwan Fraser Legal
Data Breach News

ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

February 3, 2023
Kewal Kiran
Firewall Daily

Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

February 3, 2023

About

The Cyber Express

Cybersecurity News and Magazine

The Cyber Express is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

Follow The Cyber Express

Contact

For editorial queries: [email protected]

For marketing, PR & media partnerships: [email protected]

For media kit and digitals sales: [email protected]

For Sponsorship/Event Partnership: [email protected]

For Conferences related information: [email protected]

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

Tel: (678) 578-8838

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Firewall Daily
  • Business News
  • Cyber Essentials
  • Features
  • Cybersecurity Magazine
  • Events
    • World CyberCon Middle East 2023
    • Webinars

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.