Using Two Factor Authentication

A recent study revealed that 250,000 Google account logins are hacked every week.  This number is massive and shows that your login being stolen is inevitable.

But that does NOT mean that your account will be hacked.

Google has made it extremely easy to set up two-factor authentication, which is the process by which a new device has to register itself through a separate text message to your phone.  Sure, this process might be a little annoying from time to time, but it makes getting into your account really hard for hackers and, given the rate at which passwords are being rendered obsolete, it is your best bet to protect yourself moving forward.
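
The new-device check described above, sketched in Python as an added example (not Google's code and not from the original post).  The class and method names, the 5-minute code lifetime and the 3-attempt limit are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300        # seconds a texted code stays valid (assumed value)
MAX_ATTEMPTS = 3      # tries allowed per code (assumed value)

class DeviceVerifier:
    """Sketch of second-factor registration for an unrecognised device."""

    def __init__(self):
        self.trusted = set()   # (user, device_id) pairs that passed the check
        self.pending = {}      # (user, device_id) -> [code_hash, expires, tries]

    def login(self, user, device_id, password_ok):
        """Return 'denied', 'ok' (known device) or 'code_required'."""
        if not password_ok:
            return "denied"
        if (user, device_id) in self.trusted:
            return "ok"
        return "code_required"   # a correct password alone is not enough

    def send_code(self, user, device_id, now=None):
        """Create a 6-digit code; a real service would text it, not return it."""
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"
        digest = hashlib.sha256(code.encode()).hexdigest()
        self.pending[(user, device_id)] = [digest, now + CODE_TTL, 0]
        return code

    def verify(self, user, device_id, code, now=None):
        """Check the texted code; trust the device only on an exact match."""
        now = time.time() if now is None else now
        key = (user, device_id)
        entry = self.pending.get(key)
        if entry is None:
            return False
        digest, expires, tries = entry
        if now > expires or tries >= MAX_ATTEMPTS:
            del self.pending[key]          # expired or guessed too often
            return False
        entry[2] += 1
        guess = hashlib.sha256(code.encode()).hexdigest()
        if not hmac.compare_digest(digest, guess):
            return False
        del self.pending[key]              # codes are single use
        self.trusted.add(key)
        return True
```

A stolen password on its own gets an attacker only as far as "code_required"; the short lifetime and the attempt limit are what keep the six digits from simply being guessed.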

Seriously With These Passwords?

If you read the article about the accounts being compromised, you will see a list of the most common passwords – admin, 12345, etc… – this is the SAME list that has dominated since the 1990s.  With these types of passwords, hacking is not needed – it is easier to just guess what your password might be.

I remember working in an office last year when my network went down.  I went to my router and eventually figured out that somebody else on the system had another router that was not set up correctly and their router was causing my issues.  Of course, this problem had to occur on a Saturday so those people were not around.  I went to their router, logged in by guessing that their password was admin123 and fixed their configuration.  When I saw those people the following Monday and told them what I did, I got a “thank you” for fixing their router and a complete look of confusion as to why they needed to change their password.

Seriously?!?

We wrote in the past about passwords and how you REALLY need to have something better than a bunch of numbers.  In short, passwords do NOT need to be nightmares to remember – just a pain for algorithms to guess.  The best passwords are multilingual and include numbers and special characters.  As you add languages, entire libraries have to be added to an algorithm's repertoire.  If you include special characters and numbers, the variations increase exponentially.

Best of all, these types of passwords can actually be remembered in your head instead of on a piece of paper! S3curityIsVeryBuen0! is a great example.  It is easy to remember, multilingual and a huge pain for algorithms to guess.  This…BTW…is NOT a password I use myself in case you are a hacker reading my post :)!

We are now seeing a massive number of attacks coming directly into enterprises by guessing passwords – if you do not protect yourselves, how can you blame others for taking advantage?