Despite security experts warning us (Keep Your Logins and Accounts Secure) for years about the dangers of poor account security. It seems too many people around the world just didn’t get the memo.
As a case in point, PCMag reported that the most common passwords. Used in 2020 were “laughably insecure” Of a database. The 275,699,516 passwords, only 44% were considered unique, while the remainder were repeated or based on highly used passwords.
The top offenders? Passwords such as ‘123456’ ‘qwerty123’ and ‘password’ are still popular. Web admins face a duty of care to keep their accounts and log-in details secure. So if you’re currently using any of the common passwords or variations of those, you’re setting yourself up for a breach.
Also Read This: Why Is WordPress Security So Important?
But good security goes above and beyond decent passwords. In 2021 with the advanced cybersecurity threat landscape, web admins need to up their game. Here’s how to keep everything secure:
Table of Contents
Once primarily thought of as privacy tools. Virtual Private Network (VPN) software is rising to the fore as an essential security solution too. Major manufacturers, including Hewlett Packard, are even including VPNs as standard on new computers now.
When you log in to your websites and servers with a VPN enabled. There’s an added layer of security for two reasons: firstly, your internet activity is carried on a private browsing network that’s not readily detectable to threat actors. And secondly, any data transmissions you make (such as entering login details on an online form). Encrypted meaning the information is unreadable to others.
Because passwords in 2021 need to belong, be complex, and comprised of numerous special characters, upper and lower case letters, and numerals, they are difficult to remember. A password manager takes the hassle out of this by storing all your passwords securely. Tools such as LastPass operate as browser extensions, so all you need to do is log in once with a master code or phrase, and the password manager does the rest. You can even use these tools to generate unique and secure passwords.
Check out this: Why Your Mobile Payments May Be Insecure?
2FA or multi-factor authentication (MFA) adds an essential additional layer of security to accounts. 2FA, a single verification or authentication method (such as a password and username) is supplemented with an additional verification method.
This second method can include biometric data — facial recognition or a thumbprint, for instance — or an SMS message or an email. Many people opt for SMS authentication, but there are some downfalls here. As reported by Forbes, SMS has “infamously poor security, leaving it open to attack.”
Given the issues with some authentication methods, an increasing number of people are turning to dedicated solutions to keep their accounts and logins secure. For web admins, both authentication apps and security keys are a good idea.
The former software is installed on a device, while the latter is a little different. Security keys are physical devices that must be plugged into the user’s primary device (via USB, USB-C, Lightning, or NFC) to allow access to accounts. The pro point here is that unauthorized access to any accounts is impossible without the key, but that’s also the downside. If the security key is lost, it can be a faff to recover access, depending on your chosen product.
The Verge has a good rundown on security keys and a few options to look into here.
As web admins, we have an onus placed on us to keep servers and sites secure, and that begins by ensuring our account information and passwords follow good security protocols. Follow the tips above to keep your accounts safe in 2021 and beyond.