How many passwords can you remember?
The number of online services people use daily is constantly increasing, and password complexity requirements increase apace. It’s probably no longer humanly possible to remember a unique password for each of your online services. But having a unique password for every account is necessary to minimize your cyber risk. Enter the growing number and range of cybersecurity tools.
Beauceron CEO David Shipley stopped by The Exchange with Matt Gurney to discuss a few good options to maximize your cybersecurity. These include biometric security measures, password managers and multi-factor authentication.
Is your fingerprint in the cloud?
Being able to unlock your phone and log in to your apps with your fingerprint is pretty convenient. But it raises the question: Is there a copy of your fingerprint in the cloud just waiting to be used against you?
It depends on the service provider.
For instance, Apple stores your fingerprint only in a secure enclave on your phone. A secure enclave is a dedicated chip inside your phone, so your fingerprint is never copied to the cloud.
However, this may not be the case with all service providers. Biometric data stored in the cloud is not as secure, and is definitely a cause for concern. Be sure to check where your service provider stores biometric data before you save your fingerprint.
Can you trust one app to keep all your passwords safe?
A password manager is an app that can generate, store, and auto-fill unique passwords for your various login credentials. The only password you need to remember is your master password for the manager itself (and for your online banking — you should keep that one unique but memorable and unrecorded!)
Choosing whether to use a password manager comes down to balancing risks. Keep in mind that companies whose sole job it is to manage passwords have more incentive to protect your information than anyone else. Not sure which password manager is right for you? Read reviews, ask trusted colleagues and friends — evaluate each password manager’s pros and cons based on your unique needs.
You’re more likely to suffer harm from a website that gets breached and then doesn’t inform you of it. If you have used that password for multiple sites, it is easy for malicious hackers to then breach those other accounts. For clarity, adding one character to a password does constitute re-using it!
Pro tip: It may seem counterintuitive, but a long password trumps a complex password. It’s easier for a hacker to guess at a short password — even if it contains special characters, numbers, and letters — than to crack a longer password.
A password is no longer enough
In addition to using a password manager, you should also set up multi-factor authentication (MFA) for your accounts. When you log in to an account, MFA requires you to approve the login from a previously trusted device; that device could be your phone or smart watch, or an authenticator app that generates a code for you to enter.
It’s hard for attackers to breach MFA because they’d have to be in possession of something physical you own; that makes it very difficult for a cyber attacker overseas to hack your account.
Move beyond password memorization
Advanced cybersecurity measures like fingerprint access, password managers and MFA have been designed to keep you safe from ever-evolving cyber risk — and new measures are constantly being developed. Take advantage of these tools as much and as often as you can.