Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems
Password Security in 2020 - Part 2

by Erik Briceno

In our last blog, we covered some generalized password advice that everyone should know. Unfortunately, there is no such thing as a password that can’t be hacked. Phishing scams and malware infections are ongoing problems, and now that we’re in 2020, these serious cyberthreats are on the rise and quickly making traditional password security depreciated.

But the good news is, current efforts to phase out passwords are also giving rise to additional security methods that can (and should) be used in conjunction with standard account protection practices. In today’s article, we’re outlining some very necessary steps to take in addition to simply coming up with a strong password.

Every Account Should Have 2FA.

We briefly covered what two-factor authentication, or 2FA, means when we were discussing some of the features offered by Microsoft Azure’s security dashboard. The typical and most commonly seen 2FA method is a simple text message with an authentication code sent to your phone or other mobile device. It’s rather basic and by no means foolproof, as even mobile data can be intercepted to steal your 2FA confirmation. However, it’s an extra hurdle for a malicious actor to overcome and has proven to be effective. In most cases, it works. And if nothing else, you’re more likely to be left alone in lieu of an easier target. So, make sure you use it!

Consider Using a Password Manager.

Harken to our earlier statement about avoiding the temptation to use the same password across multiple accounts. If you really have a lot of passwords (and yes, many of us do these days), consider using a strong password manager such as LastPass or Dashlane. How a password manager typically works is you enter all of your existing account logins into the manager. Then, the manager strongly encrypts them all, and when you need to log into an account, you simply sign in through your password manager which has its own password and log-in process.

Do you remember what we said about creating a long password? You want your manager’s password to be especially long and complex, as it’s going to be housing everything. And you want to make sure that account has 2FA protection as well. This is the ultimate solution for keeping all your accounts in one place in as secure a manner as possible.

There is an important caveat to password managers to remember, however. If your device that uses a password manager is ever physically stolen, so is access to all of your accounts. Additionally, even the most popular manager can have bugs and possible exploitations. That being said, should you still use one? The answer is yes.

Never Share Your Passwords.

Password Security in 2020 - Part 2

Photo Credit: People photo created by freepik – https://www.freepik.com/free-photos-vectors/people

This should sound like a no brainer, but the truth is, “social engineering” (more commonly known as phishing) has become frighteningly complex over the last decade. Scammers have become exceptionally good at exploiting human psychology, and it’s getting easier and easier to be tricked into giving up a password or a “secret question” answer to someone.

Whether it’s a coworker, someone claiming to be from tech support, or even your own boss, your password is yours, and you should never divulge it under any circumstances. This is critical to not only your own personal data security, but also that of your entire organization.

Protect Yourself From Malware.

If social engineering is the man trying to talk you into opening your safe, malware is the man who uses dynamite to blow it open. (And phishing can be used to trick you into holding the stick of dynamite, by downloading the malware in the first place.)

Malware comes in many different varieties. Some are “keyloggers” which record your actual keystrokes, which in turn reveals what you type to log into an account (as well as all sorts of information you tap out on your keyboard). Others outright take control of your system altogether, which in turn gives the attacker access to your accounts that are stored on said system — much like if the device had been physically stolen.

We’ve published numerous articles on how to protect yourself from malware for this very reason. On the part of the consumer, it’s a lot to take in and remember. And it’s exhausting. It’s unfortunate that we live in a world where the burden always seems to fall on the shoulders of those who just want to go about their business in peace. At V2 Systems, we strive to take as much of that burden away from you as possible. Our advice is meant to both inform and protect you, but we can offer much more than advice. Call us and allow us to stand watch for you, so that you can focus on what’s most important: your actual business.

 

Since 1995, Manassas Park, VA-based V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!

 

ebriceno
About ebriceno
Erik Briceño is the owner of V2 Systems, Inc., one of Northern Virginia’s leading Information Technology Managed Service Providers. He is an inspiring leader for its employees and instrumental business partner for its customers. He is passionate about V2’s purpose, dedicated to exceeding expectations and a consummate professional not afraid of jumping in and getting his hands dirty. Prior to joining V2 Systems in 2002, Erik was a co-founder and COO of Ampcast.com, a leading provider of online resources servicing over 5,000 independent musical artists. At Ampcast.com, Erik spearheaded all aspects of corporate development, funding, strategic vision, and business development for the firm. From 1997 to 1999 Erik held the position of Acoustic Systems Engineer for Electric Boat Corporation, a leading defense contractor. In this role, Erik was responsible for the acoustic fidelity of two noise critical systems and components in the US Navy’s nuclear submarine systems. Erik holds a B.S. in Mechanical Engineering from Vanderbilt University and a Masters of Business Administration from George Mason University. When not working, you will find Erik a dedicated family man, raising two young children with his lovely wife Karen. Together, they enjoy building legos, playing baseball, skiing, riding horses, swimming, traveling, and fixing up old Mopars.
Password Security in 2020 - Part 2
Password Security in 2020 – Part 2