Background
One day, when I joined an open discussion with a group of friends, I asked them how often they change their bank account PIN. I asked about periods starting from 1 month, then a quarter, then 1 year; fewer than 3 people raised their hands. Then I asked whether they had ever changed their bank account PIN since opening their account for the first time. As with the previous question, fewer than 3 people raised their hands. Surprising, but that's the fact!
Burden For All
How many of you have been in a situation where you forgot the password of an internet account and then used the "forgot password" feature? In this digital era, most of us create more than one account: some for email, some for e-commerce websites, some for social media, and so on. Add to that the passwords for your personal computer login, your gadgets, your bank accounts, and many more. We have to remember all of those passwords.
Therefore, for some people, having internet accounts creates another burden: they have to remember all of those passwords. A common practice is to use an identical password for all of those internet accounts. That leads to the risk of a "security hole"!
This security hole is also indirectly supported by account providers, who do not oblige their users to change their passwords regularly within a certain period. If they forced their users to do so, it would cause inconvenience and increase complaints to their helpdesk, which would be another burden for the account provider. To mitigate that problem, they transfer the risk to the user and promote awareness of changing passwords periodically, with the objective of increasing user awareness of account security. Some of them also provide another feature, such as a token, to be used as additional authentication.
What's Next?
Being aware of the risks that may haunt us as internet users, we should pay more attention to how we secure our data. Some of the options available to us are:
Option one: Strong password.
Creating a strong password is not as difficult as people think. One common tip is to choose a sentence longer than 12 characters from your favorite songs, books, quotes, etc. This will help you remember your password better than using random words or letters produced by password generator software or, worse, using your personal data as your password. You can add some combinations to increase the strength of your password, such as upper and lower case letters, numbers, and special characters. To test how strong your password is, click here.
Option two: Never write down your password.
Your password stops being a password once you write it down without protecting it from unauthorized people. For example, you write it on a sticky note and paste it near your computer, or you write it in Notepad. When your computer is accessible physically or virtually through a network connection, it can become a target for cyber criminals.
Option three: Two-factor authentication.
Some account providers offer two-factor authentication to help their customers secure their accounts. It means the account provider asks the user for an additional authentication method besides the existing password, to verify that the account belongs to the original user. For example, if you use Gmail as your email provider, Google has an additional authentication tool called Google Authenticator. It forces the user to input a valid token after inputting the valid password. Read more in here. Another example is Facebook, which also implements two-factor authentication to secure its users. For reference find in here.
Option four: Using password management software.
As mentioned earlier, having lots of accounts creates a burden for users, who have to remember lots of passwords too. Using an identical password for all internet accounts may seem like a great solution. That's true, but it is not recommended for security reasons. That's why password management software, such as LastPass, Kaspersky Password Manager, or KeePass, comes as a proper solution to address that risk. These tools help you remember all your internet account passwords and store them in a secure way. They also reduce your headaches a lot!
Option five: Change your password periodically.
This option is an essential step for securing your data, provided it is performed periodically. Some account providers show when the password was last changed. That helps a lot in reminding you to change your password periodically.
There's always a way to secure your data from cyber criminals. It's better to be more aware and start applying one or more of the options above than to lose your priceless data! Act now...
Thank you for reading,
- EJ