July was a bit of a rough month for many websites, with a number of popular websites suffering high profile security breaches where user information and passwords were stolen. These attacks have many wondering if their information is secure with websites. The answer isn’t a clear yes or no, and depends on a large number of factors, one of which is your password and how you keep it secure.
Here are three tips on ensuring that your password is secure and how to keep it that way.
Strength is important
Websites use a security method called hashing to ensure your passwords are secure. Hashing is an algorithm that encodes your password, making it theoretically harder to unravel.
You shouldn’t trust on hashing to keep your password secure as recent breaches have shown that a company’s hashing may not be secure. Instead, pick a password that’s hard to guess. The most effective passwords have no full English words and a mixture of numbers and symbols. e.g., San1@3 is more secure than San123.
Watch for apres-hack emails
After a company’s systems have been hacked and account information stolen, scammers often jump at the opportunity to send emails to users. These emails are designed to look like they come from the company when they really are phishing campaigns aimed at getting you to enter your personal information, or have links to websites with malware. If you get an email from a website, don’t click the links in the email. You should go directly to the website in your browser and log in from there.
Have more than one password
Ideally you should use a different password for each website you have an account with, however, it can be hard to remember so many passwords. At the very least you should have separate passwords for work, personal and bank/financial related accounts.
If you’re worried about the strength of your password or the general security of your devices please contact us, we may have a solution for you.