PC Expert Services, Computer and laptop repair in Irvine, Orange County, CA
Five great ways to strengthen your password security

Five great ways to strengthen your password security

A major password hack is in the news every few weeks; most times, the main reason is (simply) weak passwords. Don’t want to be a victim of the next hack? In this blog, we’ll take a look at five easy steps that you can take to make your passwords stronger.
Five great ways to strengthen your password security

Many people are still using the simple passwords they created in the early 2000s. Getting hacked wasn’t such a huge concern for organizations and their employees. However, as we become even more connected as a society, there is an increase in the risk that threat actors pose. For example, quoted in our article regarding the role of remote access in cyberattacks, brute force guessing of passwords was a factor in 78% of all ransomware attacks.

A simple look at the most common passwords in 2021 should make any security expert’s skin crawl. We have a problem when 123456 (and the “more secure” 123456789) are the only ones more used than qwerty. Nobody wants to (or even can) remember the long random letter and number combinations. After all, it’s much quicker to tap in the same old password for everything – and to be very clear, this is a practice you shouldn’t be doing under any circumstances!

The most common passwords haven’t changed much. Their ongoing prevalence makes it a cakewalk for hackers to break in. So what can your company and your employees do about it?

1. Use a password manager.
2. Use Multi-Factor Authentication everywhere.
3. Don’t share passwords, no matter what.
4. Check for previous hacks and delete your old accounts.
5. Avoid public Wi-Fi.

Many people are still using the simple passwords they created in the early 2000s. Getting hacked wasn’t such a huge concern for organizations and their employees. However, as we become even more connected as a society, there is an increase in the risk that threat actors pose. For example, quoted in our article regarding the role of remote access in cyberattacks, brute force guessing of passwords was a factor in 78% of all ransomware attacks.

A simple look at the most common passwords in 2021 should make any security expert’s skin crawl. We have a problem when 123456 (and the “more secure” 123456789) are the only ones more used than qwerty. Nobody wants to (or even can) remember the long random letter and number combinations. After all, it’s much quicker to tap in the same old password for everything – and to be very clear, this is a practice you shouldn’t be doing under any circumstances!

The most common passwords haven’t changed much. Their ongoing prevalence makes it a cakewalk for hackers to break in. So what can your company and your employees do about it?

1. Use a password manager.
2. Use Multi-Factor Authentication everywhere.
3. Don’t share passwords, no matter what.
4. Check for previous hacks and delete your old accounts.
5. Avoid public Wi-Fi.

1. Use a password manager

 

Passwords are a pretty vulnerable security measure, but they’re unavoidable in most cases. You can, however, take steps to minimize the risk they pose.

A good password manager eliminates the need to create and remember complex passwords. It will generate a random, unique password when needed. You can then save it in an encrypted vault to use whenever you need it. Ideally, all passwords should generate strong, “makes-no-sense-if-you-read-it” combinations.

Not only does this make it harder to crack into your account by brute force, but if one account becomes compromised, your others are still safe.

Users only need to remember the password manager’s password. Make sure it is a strong one that only you know. Some password manager apps can also use your smartphone’s biometric sensors to unlock. Personally, Bitwarden has proved to be a great choice, but there are many great options that your organization can deploy.

2. Use Multi-Factor Authentication everywhere

 

Using a password alone is like locking the doors but leaving all your windows open. You may have closed the easiest route, but the intruder can still get inside with a bit of work.

Most accounts will use multi-factor authentication (MFA). Once you have entered your password, you will get a code/link via text or email with MFA. You can also generate the code in a secure app (or approve the login). You will need to enter it to prove you are the account’s legitimate owner.

From a remote access perspective, MFA is a crucial step in ensuring that safety is at the forefront of remote sessions and that the users connecting to different devices are who they say they are.

While texting or emailing a code is the most common second factor used in MFA, they aren’t the only options. Multi-factor authentication can combine multiple credentials that are unique to the user, such as:

  • Something the user knows – a password or the answer to a pre-set question.
  • Something the user carries to authenticate – a card or key fob.
  • Something unique to the user – a fingerprint or facial recognition.

The benefit of adding a second layer of security is that the password is not enough to access an account. Even if an attacker has it, there is another obstacle to accessing the account. The benefits of MFA being part of your remote access strategy are immense.

And since we were mentioning password managers, make sure that you choose one that uses MFA – enable it and always use it!

3. Don’t share passwords, no matter what

 

While this might be obvious, many hacks happen because users tend to share passwords. And this has started occurring much more often since we all use streaming services. For example, more than a quarter of Netflix’s UK subscribers share their passwords. Since many users are likely to use the same passwords, many hacks are waiting to happen (let’s hope that at least they use MFA on their other accounts).

Additionally, if you can impose a password policy for your users, make it a complex one. Employees might not be pleased when having to change or remember passwords, but the long-term gains and extra security are second to none.

4. Check for previous hacks and delete your old accounts

 

Remember signing up for that random account ten years ago to enter a competition? Neither do we, but did you know that website got hacked in 2015? The more accounts your employees have, the more vulnerable your organization is to external risks – especially if you’ve used the same password everywhere.

You can check if your email address shows up in any data breaches at haveibeenpwned.com and sign up to get an alert when new breaches happen. A seasonal purge of old accounts will remove the burden of potential future attacks, leaving your company feeling more at ease.

5. Avoid public wi-fi

 

The internet has become so integrated with almost every aspect of our lives that in 2016 the UN declared internet access a basic human right. Public Wi-Fi is everywhere and a key player in compromising password security. On top of that, life beyond 2020 means flexible working is here to stay for many companies, indicating employees will have more freedom regarding where they work – from a coffee shop, a commuter train, or even an airport.

However, if you’re concerned about your company’s data security, you might want to advise not to connect every time a Wi-Fi notification pops up. When it comes to public Wi-Fi, there is no way of knowing who may be monitoring the session, from the URLs visited through to the keystrokes that users input.

The best way to browse risk-free is not to use public Wi-Fi, but sometimes it’s unavoidable when the 5G signal is non-existent.

Many reputable VPNs are available if public Wi-Fi is a must, even for smartphones. They will add an extra layer of security to keep data safe, especially for corporate devices.

Completely bulletproof security doesn’t exist. Taking all the steps available to protect data puts your organization in the next best position. If you are using a remote access solution, ensure it is secure and that it offers encryption on all connections, rich session permissions, and granular access control.

Cybercriminals will always look for new ways to weasel their way in, keeping us all on our security toes. It’s for us to make sure that they fail to succeed.

Source: realvnc

Types of Malware Guide

Types of Malware Guide

Types of Malware and How Each Impacts Your Computer

You’ve likely heard the term “malware” used when discussing cybersecurity; but what is malware and how does it impact your computer? Continue reading to learn all about the various types of malware and how each affects your computer.

What Is Malware?

Malware, also known as malicious software, is software that compromises your computer’s performance. There are various types of malware that wreak havoc on devices including adware, ransomware, spyware, and bugs. Each type of malware impacts your computer and your online security differently. Signs that your computer might be compromised by malware include:

  • Slow Performance
  • Issues connecting to networks
  • Crashing
  • Freezing
  • Emails sent from your account without your knowledge
  • Programs running or shutting down on their own
  • Pop-up ads
  • Internet Browser slow or not responding
  • Data files or pictures not opening or missing
If your computer is experiencing any of the above issues, rest assured that most malware can be removed with the help of PC Expert Services.
A Guide to the Variou Types of Malware

  • Ransomware
  • Bug
  • Adware
  • Spyware
  • Virus
  • Worms
  • Trojan Horse
  • Rootkit

All of these types of malware can significantly stunt your productivity, as well as compromise your online security. To prevent malicious software from attacking your device, it’s best to use caution when downloading new files and programs. Additionally, you should protect your device with antivirus software, malware detection software, and additional security programs. If you think your device is under attack, or if you’d like help installing security programs, contact PC Expert Services today. PC Expert Services has years of experience detecting malicious software and rectifying computer and laptop issues.