Passwords are meant to keep your valuable data secure and away from prying eyes and cyberthieves. Everything happens online today – bank accounts, social media, personal information, and work-related info – and all of it requires passwords that must be stored so they aren’t vulnerable to hackers.
You might wonder who would possibly want your passwords and your data. About 14.4 million people in 2019 alone were victims of identity theft, which is the most common repercussion of a data breach and a practice that is on the rise. The total monetary loss to consumers was $1.9 billion.
Hackers look for any opportunity to access valuable data, whether they intend to use it to steal cash or to get information that damages an individual’s or company’s reputation. Roughly 80% of data breaches in 2019 were caused by compromised passwords, so it’s important to know the best way to store passwords so you can keep your data safe.
Your Passwords Are Not as Secure as You Think
We’ve been creating passwords since the dawn of the internet, with an added sense of security provided by that little lock in the address bar and the “https” in front of the website you’re visiting. It’s true that your passwords are protected by encryption algorithms, but hackers have their nefarious ways of accessing your information anyway.
One of their tools is knowing that the most common passwords are made up of things like pet names, birthdays, or a simple combination of letters. This means some passwords will be the same for numerous users. Database hackers will try to decode encryption using the same technique used to protect them, called “hashing.” Thieves will use hashing to input common passwords to see if any of them match any encrypted passwords that appear multiple times. This can give them access to millions of records.
Password Hackers Use Many Clever Techniques
Hackers don’t always have to breach an entire database or use a forceful technique like hashing to get passwords. They use myriad tricks to obtain passwords, many of which rely on computer users being their own worst enemy, such as:
“Phishing” via email is one of the most common ways to get your password. The email you receive looks like it has come from a trusted source, but it is actually malicious. The email will typically trick the recipient into clicking a link or downloading an attachment. This action then downloads a malicious file that is installed on your computer, and your passwords are there for the taking.
Other hackers will use something called “social engineering,” which involves the hacker tricking a computer user into revealing passwords. You might get a phone call, for example, from a hacker pretending to be from a trusted company, offering technical support and asking for passwords to be able to access your account.
Malware is harmful software, and another tool hackers use. It can be downloaded to your machine via a phishing attempt, by visiting some websites, or by other means. Certain malware can then install a keylogger or other malicious software, including code that specifically targets passwords.
Hackers also have other, more sophisticated methods, but many are simple and quite preventable. Sometimes they do nothing more than simply look over someone’s shoulder to see their password. Sometimes they just guess. These various password hacking techniques are a real threat, though, and any computer user must be vigilant. That makes it critical to understand the proper techniques for storing passwords safely, both online and offline.
The Best Ways to Store Passwords Safely
It’s important to understand how to store passwords, but a good first step for security is to use two-factor authentication (2FA) for every account that makes it available. 2FA gives you an extra layer of protection if someone gets your password. It’s an important first step to take for your security.
2FA will require a second passcode for any login that is provided via an authenticator app or by text message, a phone call, or email. 2FA is useless if your passwords are not stored safely by using one of these methods, however:
1. Use your browser’s password manager
There is excellent password-storage functionality built into Chrome, Firefox, Edge, Safari, and others. Your browser will even offer to generate a password for you. With this method, the browser’s password manager will save your password for use on all devices, so it’s important to have a master PIN number or password set up to access your computer, phone, or tablet. Skipping this step means anyone who gets their hands on your device will have access to absolutely everything.
2. Try password-saving software
It’s hardly rare to forget a password, especially for sites you don’t use all the time. Like the password manager built into your browser, certain apps also store passwords safely. Password-saving software will both store your encrypted passwords and generate random ones as needed. You can even find free versions that exclude some paid features, but they do what you need.
3. Keep records on paper
Storing passwords offline by writing them down might seem old-fashioned — and is likely something you’ve been told not to do — but it certainly beats doing nothing, and cyber criminals can’t reach through your screen and grab a notebook. Just don’t carry it with you, and instead keep it in a secure location. Other tricks to make this approach more secure, including writing the password down backward, writing only hints, or noting just one word that’s within your password to jog your memory.
Memorizing your passwords also works, but it’s not a practical solution for most. Studies show that people have to remember an average of 100 different passwords, after all. The importance of finding the best way to store passwords that works for you can’t be overstated.
Tips to Further Protect Your Passwords and Your Data
Password protection is important, but there are other best practices for securing them and other sensitive data. Keep these things in mind to enhance the actions you take to secure your passwords:
- Do not use the same password on every site or even multiple sites. Roughly 65% of people do this, however, and 13% use the same password for everything. It’s a bad idea, because once hackers get a password from one site, they’ll try it on every site you visit.
- Never use the same password on work accounts and personal accounts. Again, if there’s a breach, it will be easy for the intruders to get into all your accounts.
- Some sites will require you to change passwords regularly. It is easy for hackers to get into multiple accounts using the hashing technique if you only change one word or a digit in a password you are required to change. Change the entire password for a better chance of foiling their attempts.
- Use complex passwords rather than those that are easy to guess, and never use sequential numbers or the word “password.”
- Any robust security approach will include a plan for deleting unused files that may give hackers access to sensitive information. A digital file shredder can easily remove any outdated files to keep them out of nefarious hands.
Hackers who breach a computer’s security can access everything, even sensitive personal information and photos. You might think tossing your current bank statement into the trash and emptying it means it’s gone forever. Think again – there’s plenty of software that can recover trashed files. You need to permanently erase data on your computer in a way that guarantees it can never be recovered.
Contact the Experts in Permanent File Erasure
The Shred Cube boosts your computer security by quickly, easily, and permanently deleting unwanted documents or files. Numerous user-friendly features such as drag-and-drop, file attachment, and duplicate file finder mean privacy is now just a click away.
Get in touch with Shred Cube today for information about our powerful USB file shredder.