Strong Passwords Are Not Enough To Prevent Account Hacks

Security by  Mashum Mollah 01 December 2022

Strong Passwords

We all use passwords to log in to our favorite internet services. However, few people know that currently used passwords are becoming weaker and weaker. Why is this the case, and how can we make our accounts better protected?

The idea of ​​securing accounts with passwords worked quite well decades ago when there were fewer internet services. The network did not accompany people at every turn, and hackers were not as inventive as they are now.

However, now everything has something to do with the internet: Even a person who deals with his financial matters only during personal visits to the bank is protected and supported by the institution’s advanced IT systems.

The internet has become strongly associated with all aspects of life. There is nothing wrong with that: Universal access to the internet facilitates communication or taking care of everyday matters. In cyberspace, however, there are threats to which ordinary users are exposed. Hackers accessing victims’ accounts can steal their funds and identities and even sell personal information on the black market.

Why isn’t the password enough?

All internet users have gotten used to the fact that accounts should be protected with passwords. What’s more, they should be strong and unique – the date of birth or the child’s name is very easy to guess, even by a scammer who knows his victim superficially. As it turns out, nowadays, even a strong password is not enough to secure an account.

Cracking passwords

Cybercriminals are often people with advanced knowledge in the field of computer science and cybersecurity. Many of them have tools adapted to carry out dictionary attacks or the so-called Brute Force.

The first is to test a variety of common words and phrases from previously disclosed password databases. The second, on the other hand, means guessing passwords by entering different combinations of characters.

Tools designed to guess passwords can test hundreds or even thousands of combinations in a short time. It takes less than a few minutes to crack a simple code. That is why the password must consist of at least 8 symbols, including upper and lower case letters, numbers, and special characters. However, even a strong password can be cracked – if not by guessing, then by another method.

Malicious software

In recent years, hackers have created many tools to obtain personal data (including passwords). An example is keyloggers – programs installed on computers without users knowing.

Keyloggers catch the victim’s keystrokes, and the more advanced ones can even take screenshots. The information is sent to cyber criminals, who can then use it for their own purposes.

Malware that obtains victim data also includes spyware

Malware that obtains victim data also includes spyware

1. Eavesdropping on the network

Poorly secured Wi-Fi networks can be eavesdropped on by scammers who observe traffic passing through them – including personal data and passwords. The most vulnerable to attacks are public networks in supermarkets or airports. Often they are poorly protected. At the same time, they are used by many people logging into their email boxes or bank accounts every day.

2. Social engineering

Not all fraudsters need to use IT tools to get valuable information. Sometimes it is enough to take advantage of human naivety. Phishing is a method in which a criminal impersonates a trusted entity (social organization, company, reputable person, etc.) and then asks an unaware victim to provide data. Unfortunately, many people still fall for fake emails and share personal information in good faith.

How can I better secure my account?

account security

Always secure your accounts with long and unique character combinations. However, it is worth using additional security methods so that the account is safe also in the event of a cracked password.

1. Unique passwords

Besides, the password must be strong: It should also be unique. Why? Hacking or leaking the password of one account is a threat if all other user accounts are secured with the same code. Most cybercriminals are eager to check whether stolen login details will also allow them to access other websites of the victim (e.g., bank accounts).

2. Multi-factor authentication

Multi-factor authentication (MFA) is one of the most widely used security measures to help protect your account. The user logging into the service must provide the login and password and go through a different stage of authentication. It can be, for example, entering a code sent by SMS or email or confirming your identity with a fingerprint.

With the solution, the leakage of the password to the account is not such a huge problem – the fraudster will not be able to use it anyway, assuming that he will also not gain access to the victim’s email box or phone, to which the service sends authentication codes.

3. VPN

A VPN is one of the best ways to protect internet users’ data. What is a VPN? It is an intermediary service between the user and the internet. In short, the person connecting to the network via VPN first contacts the service provider’s server, and only then it directs the traffic to the destination.

This solution ensures privacy (website owners have access to the VPN server IP, not the user). Good VPN services provide advanced data encryption, thanks to which even entered passwords are encrypted and inaccessible to third parties. You can easily learn how to use a VPN to stay secure.

Summary

A strong and unique password is essential to secure any account, but you should also use other methods. The use of MFA or VPN should be combined with caution. Account protection also means avoiding downloading suspicious applications (risk of installing malware), not sharing passwords with friends, and distrusting suspicious messages with requests for data.

Additional:

Mashum Mollah

Mashum Mollah is an entrepreneur, founder and CEO at Viacon, a digital marketing agency that drive visibility, engagement, and proven results. He blogs at thedailynotes.com.

View All Post

Leave Your Thoughts Here

Your email address will not be published. Required fields are marked *

You May Also Like