Debunking Common Password Misconceptions


Authentication technology is getting better. Only lately have we started to contemplate life without passwords. The alternatives include MFA (multi-factor authentication), biometrics, and other options. However, passwords are entrenched in our systems and they will be hard to get rid of.

There are of course common misconceptions about passwords that most people need to get rid of:

Passwords are on their way out

Many people, including IT security professionals, believe the password is on its last legs. It is true that in the coming years we shall rely heavily on much better authentication technologies such as biometrics. However, it will be a long time before we reach that stage.

Biometrics, such as fingerprints and facial recognition, are good for recognition but do not cut it as far as authentication is concerned. They are sophisticated techniques but have gaps in security. Cryptographic keys are a consideration, but phishing is a great likelihood.


Passwords are secure

A common password misconception is that passwords are 100% secure. Remember that hackers do not sleep while devising new ways to go round security measures. Compared with other security measures such as phone numbers or biometrics, passwords have security lapses. A great password includes:

  • Strength: a hacker can’t hack it or use brute force to get through.
  • It should be unique and creative and should never have been in use before.
  • A person who understands phishing and its dangers should use secure channels of transmission, such as real HTTP connections.

Passwords do not have to be memorable

Passwords do not have to be memorable, but they have to be secure. Password managers are a safe and convenient way to make your life simpler. You do not have to remember all your passwords to your social media accounts, email accounts, and others.

Some password managers make it even simpler by automatically filling your password into the accounts or websites you log into, and at the same time protect you from phishing. A password manager is also a password generator that creates and saves random, long, and special passwords, which you do not have to remember. Use a single password to authenticate yourself to your password manager, which then verifies you to the sites you log into.

Biometrics is the way to go

Biometrics is certainly the future. It is as simple as raising a finger and verification is in progress. But biometrics is a single-factor authentication method, which makes it possible to steal keys. Biometrics only stores your retina and fingerprints as 1s and 0s. A hacker can easily get these details and use them to blackmail you.

Common password mistakes include the assumption that changing your password regularly keeps you secure. Some organizations insist that employees change their password, often after a certain duration. They insist on a change of password to a different length each time to differentiate the current from the previous.

Most people, when asked to change their password, do the least they can get away with, making minimal changes. This makes them even more susceptible to hacking, as the hacker already has a place to start.


Passwords must be a certain length

IT experts say that the longer your password is, the more secure you are. You do not need to create a password with 32 characters unless you encrypt sensitive government data or a Bitcoin wallet. In these cases, the passwords must be highly secured.

Handled correctly, strong passwords can be of any length you want. Services hash and salt passwords, then store only the hash, which means you have no need to worry about how long the password is. Your password becomes more secure the longer it gets, but 17 characters are more than enough unless you are encrypting data, in which case you can use 23 or more characters.
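The salt-and-hash storage described above, as an added example that is not part of the original article: it shows that the stored record has the same size whatever the password length, and that the same password never produces the same record twice. The choice of PBKDF2-HMAC-SHA256, the iteration count, the record layout and the sample passwords are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets

# Assumed parameters for this example (not taken from the article).
ITERATIONS = 600_000
SALT_BYTES = 16


def hash_password(password: str) -> str:
    """Return the record a service would store: algorithm, cost, salt, hash."""
    salt = secrets.token_bytes(SALT_BYTES)  # fresh random salt for every password
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
        if algorithm != "pbkdf2_sha256":
            return False
        candidate = hashlib.pbkdf2_hmac(
            "sha256",
            password.encode("utf-8"),
            bytes.fromhex(salt_hex),
            int(iterations),
        )
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except ValueError:
        return False  # malformed record: wrong field count, bad hex, bad cost


if __name__ == "__main__":
    # Constructed sample passwords of very different lengths.
    samples = ["tr0ub4dor&3", "a much longer passphrase made of several random words"]
    for pw in samples:
        record = hash_password(pw)
        print(f"{len(pw):2d}-char password -> {len(record)}-char stored record")
        print("  correct password verifies:", verify_password(pw, record))
        print("  wrong password verifies:  ", verify_password(pw + "x", record))
```

Because the salt is random per password, two users with the same password get different records, so a precomputed table of hashes cannot be reused across accounts.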

Summary

The internet is like a school, where you are constantly learning. With a bit of knowledge, some common sense, and some useful tools, you can avoid threats by:

  • Updating your computer and gadgets
  • Storing passwords in a password manager
  • Being careful when clicking on links in emails or on sites. Save your favorite and most commonly visited sites as bookmarks.

This story was shared through Techwarn