In order to welcome the arrival of "world password day" on the first Thursday of May this year, USA today feels it is necessary to continue to remind everyone to improve security awareness First, try to provide strong passwords for work, entertainment, online banking, online shopping and other online activities, and avoid using the same password to prevent all accounts from being used by attackers.
Data map (from: bitwarden)
Michael cran [Dell], CEO of bitwarden, a well-known developer of open source cipher in the industry (US News & amp; world report gives A-level evaluation)( http://www.anrdoezrs.net/links/9019719/type/dlg/sid//https://www.dell.com/zh -Cn / shop / deals) means:
The most important point is that individual users must have security awareness. At the same time, they can better protect themselves through accessible and free password managers and other tools, so as to reduce the burden of strong password memory of account services across multiple sites.
The company's second annual survey found that:
● more than 80% (85%) of Americans use duplicate passwords on multiple websites, and more than half of the respondents rely solely on memory to manage passwords.
● in addition, about 60% of Americans use passwords with a length of 9-15 characters, but bitwarden recommends starting with 14 digits for security reasons.
● nearly a third (31%) of respondents have experienced data breaches in the past 18 months, compared with a global average of only about a quarter (23%).
As a reference, some simple precautions play a good role in password protection, especially avoid using characteristic information such as name, or birthday to repeatedly set the same password for multiple accounts**
Microsoft points out that 15% of users' passwords are inspired by their pets. And as the saying goes - passwords are like underwear and should not be easily shared with others (other services).
In addition, we recommend that you change your password regularly (for example, every 60 days) to reduce the risk of data disclosure. If you think this work is too laborious, a powerful and trusted password manager is a good choice.
Taking bitwarden as an example, this service uses bank level AES-256 encryption to properly keep all account secrets of users, and it is protected by a single long master password.
Error example "bingo card" (from Microsoft)
Interestingly, some network security experts believe that "password" is more realistic and easy to remember than "password".
The former can be a string of words, or can contain numbers and symbols - for example, "barking up the wrong tree" can evolve into "bark1ngupthewr0ngtree!".
*However, in Microsoft's view, the safest password is better to abandon the password * - and the company's password free login scheme allows users to delete the password of Microsoft account.
As an alternative, the Microsoft provides the Microsoft authenticator verifier app, windows Hello biometric authentication, security key, or verification code and other 'password free' login methods.
Based on this, users can safely and conveniently access outlook, onedrive and other content, and there is a video to introduce it concisely and clearly.
The passwordless future is here with Microsoft Security(via)
For people who pay attention to the security of online shopping, online banking and cloud storage, they can also add an additional layer of defense measures to their accounts with the help of "multi factor authentication".
In addition to commonly used passwords, multi factor schemes also require one-time SMS verification code, or biometric solutions such as fingerprint / face as additional verification.
Bitwarden points out that this strategy has become quite popular. 79% of U.S. respondents said they had enabled their work accounts and 77% of their personal accounts were in use.
Even if the cardholder doesn't have to pay for the stolen transaction without his hand, the payer still hopes to awaken the customers' awareness of active risk aversion - pay special attention to the use scenario of SMS verification code and whether there is HTTPS secure hypertext transmission agreement prefix in front of the browser website.
Michael jabbara, vice president of visa and head of global anti fraud services, added that some simple techniques can help you strengthen your 'first line of Defense' against cybercriminals, such as multifactor authentication and subscription consumption alerts (avoiding theft).
In addition, in daily life, users also have to develop good online surfing habits, including not clicking suspicious links / email attachments, or ridiculously low price promotional advertisements, so as not to disclose their passwords or pin codes.
Last but not least, install reputable anti-virus software on the equipment and reasonably use virtual private network software in the public network environment with poor security.
The former can avoid spyware, extortion, worms, rootkits, Trojans and other malware, while the latter helps to resist complex man in the middle attacks and other events.
In addition, it is also necessary to update the security of wireless Internet of things devices such as routers and routers in the enterprise environment in a timely manner.