
The importance of secure passwords and two-factor authentication

12345, Password, Qwerty: are any of these familiar to you? Perhaps you use them as real-life passwords in your everyday routine for your Facebook, Gmail, computer or cloud storage system? But is it worth relying on easy-to-remember phrases to guard all your personal information? A weaker password makes it easier to enter your account, not only for you but for hackers as well. Using strong passwords can slow or even defeat various attacks against your accounts. In today's article, we cover secure passwords and the concept of two-factor authentication, and give you a few tips on how to make your logins more secure.

Short and simple passwords are often quite easy to remember. Who wants to walk around with notes on the different passwords for their different online accounts? But a weaker password is also easier for attackers to guess.

Attackers use some common methods to determine a potential victim's password, and easy passwords usually fail to protect the private accounts they are linked to. One method is to guess the password repeatedly using the user's birthday, anniversary, pet's name, city of birth and so on. You can easily see how vulnerable this makes an account.

Another method is the dictionary attack, online or offline, in which the attacker uses an automated program that works through a list of words, trying each entry from that database as the password.

We must mention brute-force attacks as well, a trial-and-error method for obtaining information such as a user password or personal identification number. Here an automated program generates a large number of consecutive guesses at the value of the desired data.

By using strong passwords, these methods can be slowed down or even stopped. Whenever possible, try to use a strong and secure password that includes numbers, capital letters, and even special characters. This is not just an uncomfortable requirement on sites like Google or Facebook when creating passwords; it really is for our own protection.
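The three guessing methods above (personal details, dictionary lists, brute force) map directly onto checks a site can run when a password is created. The following Python code is an added example, not part of the original article; the small word list, the substitution table and the 60-bit threshold are constructed assumptions, and the keyspace estimate assumes the characters were chosen at random.

```python
import math
import string

# Constructed sample list; a real check would load a large list of known passwords.
COMMON = {"12345", "123456", "password", "qwerty", "letmein"}
# Undo common substitutions so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans("@40135$7", "aaoiesst")

def charset_size(pw):
    """Size of the alphabet an exhaustive search must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c in string.punctuation for c in pw):
        size += len(string.punctuation)
    return size

def brute_force_bits(pw):
    """log2 of the worst-case number of guesses for a brute-force search."""
    n = charset_size(pw)
    return len(pw) * math.log2(n) if n else 0.0

def check_password(pw, personal=(), min_bits=60):
    """Return the guessing methods this password is exposed to (empty list: none found).

    personal: strings tied to the user (name, pet, city, birth year).
    min_bits: assumed threshold for an acceptable brute-force search space.
    """
    problems = []
    lowered = pw.lower()
    variants = {lowered, lowered.translate(LEET)}
    if variants & COMMON:
        problems.append("dictionary")
    tokens = [t.lower() for t in personal if len(t) >= 3]
    if any(t in v for t in tokens for v in variants):
        problems.append("personal")
    if brute_force_bits(pw) < min_bits:
        problems.append("brute-force")
    return problems

if __name__ == "__main__":
    for pw in ("Qwerty", "P@ssw0rd", "Rex-Budapest-1990", "vT9#qLm2!xRw8&Zd"):
        print(pw, check_password(pw, personal=["Rex", "Budapest", "1990"]))
```

The third sample shows why length and character variety alone are not enough: it passes the brute-force estimate but is built entirely from personal details.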

What is a two-factor authentication process?

Two-factor authentication is very useful for preventing attackers from getting access to one's account. Even if they guess your password correctly, the second step will stop them from entering the account. With the use of a second factor it is guaranteed that even if the password is stolen, attackers cannot get into the account.

This method requires two tokens to be provided as proof of ownership. The first token is the one we are all familiar with: our username and password. The second token is a code that is generated by a server, which then asks for it to check whether the right person is trying to enter the account. Therefore, this second token should not be public knowledge, but a secret. I am sure all of you have had the experience of getting a long number on your phone after trying to enter your Google account from a different computer. That is a kind of two-factor authentication right there.

The previously mentioned shared secret is generated between the client and the server and is called an OTP, or one-time password. You might have heard of HOTP and TOTP before; both are kinds of one-time password and are used in two-factor authentication. We are going to introduce the two concepts in our next article. Until then, please make sure your passwords are strong and that you have left out things like your name, birthday, children's names, address, birth city and any other relevant information that can be connected to you. Also, if possible, use a second factor of authentication as well.

 
