Why and how to improve your password management


Have I been pwned?

Importance of complex passwords

Source: https://www.hivesystems.io/blog/are-your-passwords-in-the-green
  • 8 characters
  • Upper and lowercase letters
  • Numbers
  1. I have set a password “12345678” on one of my accounts.
  2. The platform where I have set the password got breached and all its data got leaked.
A very simplified example of a rainbow table

Managing your passwords and credentials

1. Start using a password manager

  • Choose a very complex “master password” (one you can remember of course 🐵)
  • Immediately enable two-factor authentication. Be sure to pick “App” 2FA over “SMS” 2FA.
  • Add all your existing credentials to the manager and remove all other files, papers, … where you were storing them before.

2. Check for reused passwords
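
One way to run this check yourself on a CSV export from your password manager. This is an added example, not code from the original article; the column names (`name`, `username`, `password`) and the sample entries are constructed assumptions, so adjust them to your manager's export format.

```python
import csv
import hashlib
import hmac
import io
import os
from collections import defaultdict

# Constructed sample export; the column names (name, username, password) are
# an assumption, adjust them to match your password manager's CSV export.
SAMPLE_EXPORT = """name,username,password
webshop.example,robin@example.com,12345678
forum.example,robin,12345678
bank.example,robin@example.com,T7#vq!Lm92xPz$eK
mail.example,robin@example.com,correct-horse-battery-staple
news.example,r.reader,12345678
"""

def find_reused_passwords(export_file, key=None):
    """Return groups of entry names that share the same password.

    Passwords are only compared through a keyed HMAC-SHA256 fingerprint, so
    the report never contains a password or a hash usable outside this run.
    """
    key = key or os.urandom(32)  # throwaway key, never stored
    groups = defaultdict(list)
    for row in csv.DictReader(export_file):
        password = row.get("password") or ""
        if not password:
            continue  # entries without a password (notes, cards) are skipped
        fingerprint = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        groups[fingerprint].append(row["name"])
    reused = [sorted(names) for names in groups.values() if len(names) > 1]
    # Largest groups first: those are the accounts one breach exposes together.
    return sorted(reused, key=lambda names: (-len(names), names))

def report(reused):
    """Turn the groups into printable lines that name accounts, not passwords."""
    lines = []
    for names in reused:
        lines.append(f"{len(names)} accounts share one password: {', '.join(names)}")
    return lines or ["No reused passwords found."]

if __name__ == "__main__":
    for line in report(find_reused_passwords(io.StringIO(SAMPLE_EXPORT))):
        print(line)
```

The export itself is a plaintext copy of every credential, so delete it as soon as the check is done.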

3. Enable 2FA where possible

  • Knowledge, something only the user knows. For example, a password, passphrase or a PIN.
  • Possession, something only the user has. For example, a key or a token (= digital version of a key).

Pros and cons

  • There’s still some vulnerability to consider. If someone else learns the master password for your password manager, all the other passwords stored there could be stolen.
  • You might forget your master password. Typically, you’ll be locked out of the password manager’s database. There are ways to get back in, but the worst-case scenario is that you’ll then be forced to reset the password for every account included in your “vault.”
  • Setup and use could be tedious. You might have to get used to using a password manager, which can take some time.
  • Passwords are remembered for you
  • Passwords can be unique and complex
  • Passwords are encrypted

Robin Ingelbrecht