This is 2020, and we use passwords and PINs everywhere to secure access to our accounts with the third-party applications and services we use: banking, social, professional and more. Every login needs a password or some other way to confirm that it is the genuine user. Every internet user has at least 3 different accounts and 3 passwords, different or the same, to carry in their mind. If one of those is hacked, you have lost your identity: the attacker can access your Facebook, Gmail, online banking and more. So let's dig into this huge issue of passwords.
NOTE: Your password may already have been leaked, and someone may already hold it for an attack at some point in the future, or it may be waiting for a buyer on the black market.
If you are not worried about online identity theft, there is no need to waste your time reading further. But wait: did you know that your email can give access to your bank accounts too? Remember the "forgot password" button on every login page, the one you use often after forgetting a password? That is a very dangerous button if someone else has access to your recovery email address. Anyone can use your accounts after resetting your password with that button.
If someone has your Facebook password, you know what they can post or message on your behalf. Even if someone only has an old password of yours, they can try it on your future accounts, and one day they will succeed if you reuse the same password somewhere.
If someone gets access to your banking password, you'll go from rich to poor in minutes. There are a lot of online portals, services and pages where we use accounts, and losing a password to a hacker is dangerous in a lot of ways.
If someone has access to your Gmail, they know where you travel daily from the Google Maps activity tracker, all your contacts from Google Contacts, all your personal files uploaded to Google Drive, all your meetings and important dates from Google Calendar, and a lot of your browsing history. We need to make sure to protect the only thing that can save us, THE PASSWORD.
How to protect the Password?
Passwords are used to protect the account, and if you are not able to protect the password then your account is not yours anymore. I'll suggest basic steps that are easy to understand and follow:
- Always use a different password for each website. I understand it is difficult to remember each and every password, but I have a hack for remembering them all. Make a pattern for your passwords, but remember to change the pattern every 3 months. The best pattern includes capital letters, small letters, numbers and symbols. Suppose we need to set passwords for Facebook, Instagram and Gmail: 38Face$9767, 38Inst$9767, 38Gmai$9767. Here the pattern is any two random numbers, then 4 letters of the website name, then a symbol, then 4 numbers, and one letter must be capital. This way you can remember every password, but make sure never to reveal your pattern to anyone, or they will be able to work out your password for every website you use. This was just an example; you can choose anything you are comfortable with.
- Relatable password: If you feel the pattern method is risky, relate every website to something different, such as Facebook-Mark, Instagram-Photos, Gmail-Work, and this way you'll have fewer passwords to remember. For example, Mark@909, Photos@909, Work@909, Padhai@909. Make sure there are at least 8 characters in every password.
- Never use old passwords again, as an attacker will always try old passwords first. We tend to remember only a few passwords, and this is the weakness they can attack. Never ever use old passwords anywhere.
- Never use a continuous series of anything like 1111, 2222, 1234, abcd or xyz, as these easily end up in common password lists. Never use "Password" or the full website name in a password either.
- Try not to use your DOB, mobile number, parents' names, ex's name, vehicle number, plot number or other common things that can be found out with a little research. Always use something out of the box, like the value of pi (31416), prime numbers, a palindrome…
- Never use extra-long passwords, i.e. more than 12 letters, as they will be hard for you to remember and you will definitely not change them often. You'll think the password is too big to be hacked, but there are ways to predict humans and their typing statistics.
- It might be tedious work and you might feel too lazy, but a small thing can put a lot at risk. Ask someone who lost their savings in minutes, ask someone who was embarrassed by a post they didn't make, ask someone who lost all the data from their drives.
- Never write your password down anywhere under any circumstances, not even in Google notes, Notepad or a personal diary, because you never know who has access to what when you are not there.
- Enable dual authentication wherever it is available; it makes sure only you are accessing things. Dual authentication/2-step verification is available in Google, Facebook and Instagram. On every login you'll get a notification on your phone to allow or reject it.
- Use OTP login wherever possible. Use Google/Facebook/Twitter sign-in wherever possible, as you won't have to set a password there and the site cannot access your Google password.
- Hide your email ID from every publicly visible place unless you have a professional or business use for it.
If you follow all of these, it'll be very painful for anyone who is trying to hack you.
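To try a password against the rules above before you start using it, here is a small Python checker. It is an added example, not part of the original post; it covers the 8-character minimum, the four character types, continuous series, the "Password"/website-name rule and old-password reuse, and the function names, the `site` argument and the sample passwords are assumptions made for illustration.

```python
import string

def find_runs(password, min_len=3):
    """Return repeated (1111) or stepwise (1234, abcd, xyz, 4321) runs of min_len+ chars."""
    p = password.lower()
    runs, i = [], 0
    while i < len(p) - 1:
        step = ord(p[i + 1]) - ord(p[i])
        j = i
        if step in (-1, 0, 1):
            # Extend the run while each neighbour keeps the same step.
            while (j + 1 < len(p) and ord(p[j + 1]) - ord(p[j]) == step
                   and p[j].isalnum() and p[j + 1].isalnum()):
                j += 1
        if j - i + 1 >= min_len:
            runs.append(password[i:j + 1])
            i = j
        else:
            i += 1
    return runs

def check_password(password, site, old_passwords=()):
    """List every rule from the article that the password breaks.

    site (the full website name) and old_passwords are supplied by the caller.
    """
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    classes = {"capital letter": string.ascii_uppercase,
               "small letter": string.ascii_lowercase,
               "number": string.digits,
               "symbol": string.punctuation}
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    problems += [f"continuous series '{run}'" for run in find_runs(password)]
    lowered = password.lower()
    for word in ("password", site.lower()):
        if word and word in lowered:
            problems.append(f"contains '{word}'")
    if password in old_passwords:
        problems.append("reuses an old password")
    return problems

if __name__ == "__main__":
    # Constructed sample passwords, checked for a hypothetical Facebook account.
    for pw in ("38Face$9767", "Facebook1234", "abcd1111"):
        print(pw, "->", check_password(pw, "facebook") or "passes these checks")
```

An empty result only means the password breaks none of these rules; it does not tell you whether the password has already been leaked.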
Hack Test :
- Visit https://www.avast.com/hackcheck/ and enter your email there
- You'll get a summary of whether your passwords were leaked in some website hack. If not, great; if yes, check your inbox for an email from Avast.
- Open that email to see the details.
Hack Test :
- Visit https://haveibeenpwned.com/ and enter your email there to check if your password was leaked or not.