News & Resources

How to protect your passwords so they can protect you

  • Posted on

Christine Sabino, Senior Associate at Hayes Connor, explains why password protection is so important and advises how you can protect your passwords from fraud

In a world where our online profile is a key part of the face we present to the world, learning how to protect ourselves online is paramount.

One of the leading causes of banking and financial breaches is a lack of security. Clearly, protecting our passwords is the first step to protecting ourselves.

In this article, we’re going to talk a little bit about the history of password protection, the latest developments and what we can expect in future. We’ll then dive into exactly how to protect your passwords from fraudulent activity.

The history of the password

Passwords have been used for centuries, dating back to the watchwords Roman soldiers used to identify who was authorised to be in a certain area. That said, the computer password as we know it was originally introduced in 1960, by Fernando Corbató.

During this time, the Massachusetts Institute of Technology (MIT) were working on a huge Compatible Time-Sharing System (CTSS) that all researchers had access to. Corbató wanted to find a way to keep individual files private. So, he developed the first online password system so users could only access their specific files.

Fast forward a few decades and we’re now using passwords for almost every aspect of our lives.

What is the future of password protection?

With cybersecurity efforts having to change every day to keep up with the ever-evolving nature of cyber threats, we have to question what the future looks like.

Experts in the field of cybersecurity have suggested that a passwordless future could be the way forward. We’re already seeing this become part of phone technology, with face recognition logins being all the rage, even for online banking! But, how might this infiltrate the workplace, especially in a COVID world?

Data protection and IT specialists are finding ways to avoid logging in across the board in some workplaces. This not only eliminates password safety risks, thus reducing IT costs and boosting security measures, it may even help to increase productivity. Without employees having to remember passwords and change them regularly, it’s clear why this would be the case.

That said, we still have a way to go before people decide this is the way forward. We’ve become so used to password protection, that it’s simply a way of life. So, in a world where passwords are king, how can we protect them, and why should we?

Why is password protection important?

Passwords are used across the web for a number of reasons. Logins to online shopping and social media accounts are just the tip of the iceberg, with more important uses, such as online banking and PINs being the riskiest.

The scary thing is, if someone manages to hack your email account due to an insecure password, they have access to almost every online account and bank account you’ve ever set up. So, being sure to keep your passwords safe is essential.

Christine Sabino, Senior Associate at the UK’s leading data breach solicitor’s, Hayes Connor, emphasises the importance of keeping your passwords safe. She said:

“Ultimately, if someone gets access to your password, they could wreak untold havoc on your life. Once they’ve got hold of your details, they might get access to your bank accounts, purchasing items with your money. In more extreme, but not unlikely, cases, they can even steal your identity.

“Of course, the responsibility is on businesses to protect their customer data to avoid a data breach. However, we must also do our part to protect ourselves, as data breach claims against a company can actually be invalidated if you failed to keep your password safe. So, the onus is on you to protect your details to ensure you aren’t held liable if your account is somehow hacked.”

How to protect your passwords

The question of how to keep your password safe from prying eyes will be the next on your lips. So, what are some steps you can take to reduce the risk of being targeted by cybercriminals?

1. Set up secure passwords to begin with

Having a weak password is a sure-fire way to become a victim of fraud. A weak one can be easily guessed, so starting strong with a strong password for everything is a must.

If you’re really stuck, you could use a password generator to randomly select a secure password that won’t get forgotten. Otherwise, some go-to tips for setting up secure passwords include:

  • Making sure the password is 12 or more characters long
    • Including punctuation marks throughout
    • Including upper-case and lower-case letters throughout
    • Not using numbers in exchange for letters e.g. 9 instead of g
    • Avoiding memorable keyboard paths, like 123456 or qwerty

2. Don’t always use the same password

It’s pretty common for people to have a few passwords that they use for almost everything, with just a couple of variations to change things up. We’re sure many of you are members of this club.

However, the dangers of this can’t be overstated. After all, if someone gets hold of one of your few passwords, they might be able to access numerous accounts by simply guessing your variations of adding a capital letter and a punctuation mark here or there. Keeping every account safe in the event of one being hacked requires a large list of different passwords.

3. Keep passwords in a safe place offline

There are multiple ways you can store passwords to help you remember them, be it online or offline. If you want to keep them away from an online setting, the best way to store passwords offline is to use a piece of paper. The trick is to not write them exactly word for word; give yourself a hint or clue to help you.

For example, say your password includes the phone number of an old friend of yours from back when memorising home phone numbers was normal. Your clue could be something like “B’s number”. This should prompt you to remember it, whilst being practically impossible for anyone else to guess.

4. Keep your passwords safe online

If going offline isn’t for you, then there are online methods to keep them safe. The safest method for this is to use a password manager. This is a software to help you to manage your credentials, away from prying eyes. The database will be encrypted and managed via a master password.

5. Install anti-malware software

Protecting your devices by installing software which detects malware and suspicious activity is a great way to get maximum protection. These will aim to keep dodgy activity out of your mobile or laptop and should alert you if anything suspicious is detected.

6. Use multi-authentication

Multi-authentication is when a device or account can only be accessed after being presented with two or more pieces of identification. For example, your online bank account might require a passcode sent to your mobile number before you gain access. This not only ensures you’re less likely to be hacked, it may also alert you to attempted suspicious activity in your account. So, where you can, be sure to use this.

7. Install updates

One of the biggest risk factors of data breaches and cyber threats is not updating devices regularly. This is because hackers are often one step ahead of us all.

Although it is frustrating having to keep up to date with constant system updates, they could be a saving grace. So, to keep hackers at bay, keep on top of these on all devices whenever you are notified about them.

8. Be vigilant

Cybercriminals are often very clever and will use a myriad of different techniques to fool you into giving up personal information. Whether it be through clicking a rogue link in an email or text message or tricking you over the phone, these threats are everywhere. Ultimately, go with your gut, and if you don’t feel like something is right, call the actual company to query it.