This week, we mark Data Privacy Day, dedicated to creating awareness around how to best protect your data and information online. There are growing risks associated with the collection, processing and storage of personal data, both on the individual and corporate levels. Even today, most people do not know how to respond when their rights are violated in a data breach or leak. Keeper Security is sharing password best practices to keep accounts and data protected against threat actors. The aim is to educate consumers and businesses around privacy, and help them to protect themselves against the growing risk of data breaches.
The safety of an individual's identity, data and online accounts relies heavily on the strength of their passwords, even when so-called passwordless options such as biometrics are used. Individuals must understand the difference between weak and strong passwords, particularly as a breach could impact the organization they work for, resulting in millions of dollars in damages. This is a pervasive threat, as data shows that 81% of hacking-related data breaches are due to stolen or weak passwords.
"Data Privacy Day provides an opportunity to elevate the critical importance of cybersecurity in all of our lives. The digital transformation shows no signs of slowing down, and with ever more connected devices from smartphones to smart fridges, we must all take concrete steps to protect ourselves," said Darren Guccione, CEO and Co-founder at Keeper Security. "It is imperative everyone utilize strong and unique passwords for all of their accounts, and store those passwords in a secure, encrypted vault to reduce their risk of an attack. The existential reality is that anyone can become a victim of cybercrime."
Think before you share, open or click:
One critical measure to protect yourself online is to avoid sharing personal information with anyone unless absolutely necessary. Watch out for links in emails from suspicious or unknown senders and learn what the tell-tale signs of a phishing attempt are. Only download attachments when you are sure they are safe.
It's human nature to believe what we see, which is why aesthetics and user interface often trick users into clicking on a malicious, incorrect URL. The key is to ensure the URL matches the authentic website. When a password manager is used, it automatically identifies when a site's URL doesn't match what's in the user's vault. This is a critical tool for preventing the most common attacks, including phishing scams.
Improve your password habits:
Do not use any combination of characters that is easy to guess.
Avoid using the same password across multiple accounts as well as including any personal information.
Recognizable keystroke patterns or short passwords should also be avoided.
Don't use repeated letters or numbers as a password.
Instead, use lengthy combinations of letters, symbols and numbers.
Creating a memorable phrase called a passphrase, replacing certain letters with numbers or symbols in a random order.
Creating mnemonic passwords, inspired by notable events for example.
Use a password manager:
The best way for online users to secure their passwords is to implement a secure password manager. An effective password manager will allow individuals to create random combinations of characters for their passwords and save these in a password vault. This way users won't need to write them down or remember them, which is what tends to make them more vulnerable to breach.
A zero-trust and zero-knowledge password manager creates an even more secure environment for users to store their passwords. Even in the worst case scenario of a breach, the stored data is encrypted in cipher text, meaning it cannot be accessed and is impossible to read by a human or machine.