A few weeks ago, we had a call from a business whose IT support company had gone AWOL.
This left the business with a server they were unable to access – you see, the IT support company hadn’t provided their customer with any passwords or documentation for their server.
So, when we got the call, the company I work for did as any good IT support business would… we donned our superhero capes and got stuck in…
Here’s how you do it:
Many hackers enter computer systems simply by guessing passwords, and with the top passwords of 2012, 2013 and 2014 being password, 123456 and 12345678, we’re not exactly making things difficult for them! (Of 40 million Adobe account passwords leaked online, 2 million were 123456.)
Increases in computer processing power make cracking your password that much easier and faster.
As they say, the best password is one that you can’t remember. Using that approach, you should look at using a password manager, such as LastPass, RoboForm or KeePass.
However, even the best and strongest passwords can eventually be defeated mathematically given enough time and computer processing power. Whilst strong passwords act as a firm deterrent against password guessing attacks, and buy additional time against other attacks, where possible you’ll want to look at using two-factor authentication – that is, something you know (a password) and something you have (i.e. a mobile phone).
When you log in to a site that supports two-factor authentication (such as a bank), you’ll enter your password and a one-time code delivered via either a text message or an app on your phone. As codes are generally refreshed every minute, even if a hacker had obtained your password, they wouldn’t have your one-time password.