If you’re like most people, you probably know or at least suspect that your online passwords are vulnerable to hackers, and that you should do something about it—but you haven’t quite gotten around to it. Believe it or not, the most frequently used passwords in the United States, year after year, are still “123456” and the ever-popular “password,” despite the fact that those are the first terms any 10-year-old data thief would try.
Think you’re better off using your pet’s name or your birthday? Think again. Recently, what’s been described as “the largest password collection of all time” was posted on a hacker forum, providing the cybercrime community with what appear to be 8.4 billion passwords, assembled from previous data leaks. This includes many short combinations of letters and numbers that are all too easy to solve. Did you know that a five-character password can be cracked in ten seconds?
Experts agree that complex passwords, consisting of 12-15 characters and using uppercase and lowercase letters as well as symbols and numbers, are far more effective than weak and obvious ones. (According to one analysis, at present computing speeds, a strong 12-digit password would take more than 5 million years to crack.) But most people stick to elementary passwords, believing that more complex ones are too much bother.
Folks, it doesn’t have to be that way. Here are a few simple steps you can take to protect your financial and personal data from being breached or stolen. And none of them involve memorizing complicated gibberish passwords.
- Find out if your current passwords have already been compromised. You can do a partial check to see if your passwords are already toast by visiting the Have I Been Pwned database, which features 613 million passwords (and counting) that have been exposed in data breaches. The absence of your password from the database doesn’t mean it’s safe, but if it does show up, it’s definitely time to change passwords. The site is easy to use, and no, you’re not exposing your current password by using it.
- Beef up your passwords. Even if your password hasn’t been cracked yet, you should consider adding length and complexity to the mix. You may flinch at the sight of a randomly generated, strong password such as “ph22LfV(W:&f,” but you can still toss in symbols and phrases that are meaningful to you but not easy to guess. You shouldn’t use the same password on more than one site (consider slight customizations if you have a favorite combo of letters and numbers), and you should change them frequently.
- Consider a password manager. The biggest objection to complex passwords has to do with keeping track of them. A password manager will work with your various devices and apps to do all that for you and generate strong passwords you don’t have to memorize. You already have an elementary password manager built into your web browser, but checking out more sophisticated tools (like this group) can save you a great deal of time and frustration in the long run.
- Enable two-factor authentication on your online accounts. Increasingly, banks, businesses, schools, and other institutions are requiring 2FA to protect your security and theirs. It’s as easy as getting a text on your cell phone, and it helps prevent strangers from accessing your account—even if they manage to guess your password.
- Avoid the old phishing holes. The best password in the world won’t protect you if you carelessly click on links sent by people you don’t know (or from addresses that might seem familiar but really aren’t) or respond to come-ons designed to elicit personal info. If you receive a suspicious email, don’t respond directly, and check with the supposed sender through a phone call or some other secure means before opening any file that could be malicious.
- Consider the additional security of a VPN. While they are not for everybody, virtual private networks can provide an additional layer of protection and encryption against snooping and network sniffing. The services can be quite pricey, but highly security-conscious online operations may want to consider them.
THE DATA BREACH LAWYERS AT FDAZAR
Franklin D. Azar & Associates is one of the largest plaintiff law firms in Colorado, known for championing the rights of individuals who have suffered damages at the hands of large corporations. Over the past 30 years, our attorneys have secured more than $1.5 billion in compensation for our clients. Our class action department is staffed with experienced and knowledgeable attorneys who focus on litigating large, complex cases.
If you have suffered damages as a result of unfair business practices, data breaches, or corporate misconduct, the class action attorneys at FDAzar may be able to help. Speak with a member of our class-action team today or contact us here. The consultation is free.