This was published 11 months ago
Protecting passwords: The best ways to keep your data safe
By David Swan
Cyberattacks and data breaches have become a fact of everyday life – think Optus, Medibank and a growing array of companies we trust with our most sensitive information – yet the vast majority of Australians still don’t practise basic cyber hygiene.
Experts say that 70 per cent of passwords used by Australians can be cracked in less than a second, with “123456”, “admin”, “password” and “qwerty123” among the nation’s most used passwords.
While weak passwords are a problem, even worse is that many users rely on the same password for every website they log into, meaning that in the event of a data breach, every login with the same password will be vulnerable.
Recent research from Telstra found that 63 per cent of Australians never change their banking passwords; 1.5 million Australians say they keep their passwords somewhere easy to find, like on the fridge; and 1.2 million keep them in their wallet or purse.
In an era where everything is interconnected, it’s never been more important to keep your password – and therefore your most important information and data – safe. Here are some tips.
Strength in numbers
Stick with long, complex passwords that involve plenty of numbers and a mix of upper and lowercase letters, and avoid personal data such as your birthday. Good passwords typically have at least 12 characters, have no “dictionary” words (those are easier for hackers to crack), and include varied, non-sequential numbers. They’re harder to remember, but that’s entirely the point – they’re also much harder for a hacker to bypass.
Use a password manager
Using an app to keep track of all your passwords is infinitely more secure than keeping them on your fridge or in your purse. And if you’re using complex passwords, you’ll need a method of storing and remembering them. Our favourite option is a free, open-source piece of software called Bitwarden, which is available for your iPhone or Android smartphone, as well as a plug-in for your browser (such as Chrome or Firefox).
When you set it up, it will ask you for a “master password” – now that’s one you’ll want to write down somewhere safe – and it then keeps all your various passwords and logins safe. One nifty feature of Bitwarden is a built-in password generator, meaning it will come up with a strong and complex password for you to use on each website. It also offers a password fill-in tool, which helps enter your password on each website automatically.
Other password manager options include 1Password, which offers some nice extras for a small fee, and Dashlane, which actively monitors the darkest corners of the web to let you know if your data has been compromised. Whichever option you go with, a solid password manager is a non-negotiable when safely browsing the web.
Use multifactor authentication
Thankfully it’s switched on by default on most services these days, but multifactor authentication is still not as widely used as it should be. No matter how complex your password, it may be stolen by hackers in the event of a data breach. That won’t matter if you have multifactor authentication switched on, which sends a code to your mobile phone to make sure that you’re you. It’s particularly important for critical services such as email and banking. Check out how to turn it on for many popular websites and services at twofactorauth.org.