LUTZ BUSINESS INSIGHTS
John May, Project Engineer
Few things are as irritating as having to think up new passwords. And just about every app and website you visit these days requires registering, which means creating a new password. On top of that, it must be one you’ve never used before and nothing that uses any part of your name or would identify you in any way.
If you think that you’re required to update your passwords more often, and with more rules (large caps, small case, symbol, fingerprint, no numbers in sequence) than you used to, you’re right. Keeping your information safe is paramount for most websites, and keeping cybercriminals at bay is more of a challenge than ever.
The Science Of Passwords
Even the simplest password is more than just what you tap onto your screen. ABC12335 turns into a much longer series of random-looking alphanumeric symbols within the app. In the tech industry, this is called password hashing–putting your simple password into an algorithm that converts it to a jumbled assortment of characters. When passwords are hashed, it’s a lot harder for cybercriminals to recover them.
Going a step further in securing your information, some companies have added salt to the hash. One of the flaws with hashing is that it produces the same code every time for a given password–“mydog” would consistently translate to DHE_N &RVOJ Ihi457p3ournc. When a salting layer is added, every time you type in “mydog” there’s another series of characters before the hashed password, for example hjkrog before the DHE_N sequence.
Still, despite IT security experts’ best efforts, data breaches are all too common. Cybercriminals aren’t sitting in some basement guessing at your password; there is a mountain of software out there that’s designed to help hackers break through these barriers.
Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA) adds another layer of password security for consumers. The most common example of this is using your fingerprint on your smartphone–biometric identification. Another example of 2FA is when you receive a code on your smartphone to access your app. Blockchain is the latest addition to password security. This technology blocks access when an inauthentic user can’t be traced to the beginning point of the security chain. In essence, when they break into one point along the chain, they are blocked from further access.
Managing Your Passwords–Do’s and Don’ts
Here are a few ways to keep your passwords secure. Some are pretty basic, but worth repeating.
- Don’t share your passwords with others. Along those lines, don’t use someone else’s device to log into your online banking accounts. That doubly exposes you to cybertheft.
- Do use a different password for all your accounts. This is as simple as capitalizing a different character, changing spelling, or adding a short word at the end–“my dog rocks” to “myDogrox” to “MydogRox”.
- Do use MFA or 2FA whenever you have the option.
- Do make your password longer, not heavier on gobbledygook. Use complete sentences, with caps and punctuation–My dog rocks.
- Do create passwords that you can remember but are hard to guess–I don’t like pepperoni.
- Do be as complex as you can easily remember–I don’T like PePPeron!.
Also, one reason you should not duplicate passwords is that every time you do, you double your chance for a data breach. So, you have a password for Target–IbuyLots–that you also use at TJMaxx and Amazon. If there’s a data breach at one, your risk for fraud is tripled.
Use A Password Manager
Password managers are like bank vaults for your data. They store all your passwords in one place. The best ones also sync between your devices, autocompleting your password so you don’t have to manually input it every time you log in. When you use one of these apps, you only need to remember one master key. The app does the rest, creating unique passwords for all your websites and apps.
LastPass is a strong choice for a password manager, either individually or for business. Basic service is free, and for $4 per month, you can manage passwords for the entire family. LastPass integrates all your password-driven apps and sites to their vault and generates new passwords that are stored there. You can also download your credit cards, prescriptions, and insurance info so all your information is stored in one safe place.
Dashlane is also one of the best password managers out there. It’s similar to LastPass in capabilities and pricing, and also offers a business suite. One of Dashlane’s best features is that they implement a zero-knowledge system, meaning their employees don’t see your information.
Lutz can manage all your personal and business needs, from tax strategies to talent acquisition to outsourced IT. We’re experts and are happy to work with you, whether it’s advising on an M&A project or helping you decide which password manager is best for you. Please contact us if you have any questions.
ABOUT THE AUTHOR
John May is a Project Engineer at Lutz Tech with over 10 years of experience in IT. He is responsible for assisting outsourced IT clients with technology infrastructure enhancements.
AREAS OF FOCUS
- IT Infrastructure