Password Security
Today everything is online,
and currently, most websites and portals
still rely on a username and password for authentication. Even when complex
passwords are required, passwords can be a vulnerability to you unless you take
certain precautions. This blog post is not about creating complex passwords,
not using repeating passwords, and not about using personal information to
create passwords. Everyone is aware of these tips,
and yet passwords are still a vulnerability.
Most people have 15+ online accounts,
and that should mean that you have 15 different complex passwords that you have
to remember. This can be frustrating and causes people to write them down, store
them in OneNote, or in an excel file which only makes having a good password
completely useless.
We recommend that you utilize a good password management tool
such as Roboform to keep your passwords more secure. With Roboform, you have one complex password to know, and Roboform will protect all of your
other accounts. Roboform will run as an add-on to your browser, and you can simply click on it, enter your master
password, select the site that you are on,
and it will enter your password for you. Each time you click on the application, it will require you to enter the
master password, so it keeps others who
use your computers from accessing your password list. To protect against the dictionary, brute force, or other attacks, Roboform uses AES256
bit encryption with PBKDF2 SHA256, 4096 iterations. PBKDF2 is a key stretching
algorithm used to hash passwords with a salt. Roboform also requires a
minimum Master Password length of 8
characters, with a minimum of 4 numeric
characters.
Now that you have a good password management tool, you can
also get out of the business of trying to create complex passwords. Roboform
has a built-in password generator that
will use a random hash to generate some very secure passwords for you. Since
Roboform is managing your passwords, you don’t have to worry about someone
getting ahold of your passwords.
Even when you are using a password generator, you may still be vulnerable to password attacks on
shopping websites. Last year there were many companies including Home Depot and Target that had attacks where
passwords were stolen. Many websites are
beginning to offer 2-factor authentication, and I highly encourage you to
take advantage of using this. Two-factor
authentication is accomplished when you logon to a website such as Gmail and they send
you a code to an email address, or a text to your phone and you have to input
that code in the form before you can logon. It does take you a little longer to login to your account, but this is a fairly
solid way to prevent others from accessing your account. Even if they have your
password, they cannot login without the code that is sent to your device. Nothing is completely
secure, but it is much more secure than just using a password.
Thank you for reading our blog, I hope you found it
informative. If you need assistance setting up a password management tool, or two-factor authentication, feel free to reach
out to us on our website at http://www.hillcountrytechnicalservices.com
Thanks
HC Technical Team
RoboForm Security.
(n.d.). Retrieved from https://www.roboform.com/security
Comments
Post a Comment