Today, 11 February 2020, is Safer Internet Day. This global day of action focuses on the motto “Together for a better Internet”. How can we make the most of the tremendous opportunities that the Internet offers in the course of digitalization? There is no doubt that the Internet and, in the industrial sector, especially the Industrial Internet of Things (IIoT) has an immense advantage in terms of the effectiveness, speed and semantics of communication.
How can we protect ourselves? Let’s start in the private sector. What attributes should secure passwords have? And why should we actually change passwords?
Tip #1: Unique Passwords
As tempting as it may be, you should never use a universal password for all your user accounts and accesses. No matter how complicated or long this one password may be. The crux is that even this difficult password could be cracked by a hacker. And then? The hacker can log in to all your user accounts and bust your bank accounts to his heart’s content, as well as possibly send Trojans or viruses via your e-mail address.
Tip #2: Brevity is not the key
A password should be at least 8 characters long, avoiding consecutive strings such as qwertz or 12345678. The longer the password, the better.
Tip #3: Do not use the name of family members or pets
Using brute force or dictionary attacks, hackers run all word combinations through the program within minutes until the correct password is entered. Therefore, you should not use words that are found in dictionaries. Adding numbers or special characters before or after the word is also not an effective protection measure.
Tip #4: Build mnemonic bridges for your passwords!
The best password is of no use if you can’t remember it. So build yourself mnemonic devices. For example, remember a sentence and use only the first letters, combined with numbers and special characters.
“Anna buys Milk at 8 pm and also purchases 12 Belgian Pralines.” will change into the password “AbM@8paap12BP.”
Tip #5: Use a password manager
If you are bad at remembering passwords, there are two solutions: Either you write down your passwords on paper and if possible do not keep this note with your notebook, smartphone or in your wallet, or you use a password manager. Several providers now offer this service, where all your passwords are stored in one place. Depending on the program, the passwords are stored locally on the device or in the provider’s infrastructure, usually in a cloud.
You should also remember to create a strong password for the password manager.
Tip #6: Biometric recognition
Many device manufacturers, such as Apple or Samsung, offer the option of using biometric recognition in the form of a fingerprint or face recognition instead of a password on their mobile devices and/or notebooks. This offers more security, whereby the device must be able to recognize a face in 3D. Otherwise, a printout of a photo of a specific person in 2D would be sufficient to outsmart the device’s camera.
Tip #7: Two-Factor Authentication
If possible, you should always use two-factor authentication to provide double protection. After the first login attempt, a PIN code is sent to another device, such as a smartphone, without which successful login is not possible.
As in all cases, it is not possible to provide 100% protection. However, you can protect yourself as much as possible against threats and use strong passwords, biometric recognition, and two-factor authentication. So that passwords like joe123 or ManchesterUnited are a thing of the past.
