Blog

Cybersecurity – How Hackable is Your Password?

If you’re like most people, you have a certain set of characters, passphrases, or memorable information that you use to cobble together a password (and most of the time this is the same password you “use for everything”). Your dog’s name, your wife’s birthday, your oldest child’s middle name, or some combination therein. This has worked for you for years, there’s no reason to change it, right?

Wrong.

According to a 2017 Identity Fraud Study conducted by Javelin Strategy & Research<, more than 15.4 million U.S. Consumers have had their identity and personal information stolen, including social security numbers and bank accounts, as well as credit cards being opened in their names causing well over $16 billion in stolen assets.

Criminals have shifted their focus from counterfeiting and directly manufacturing bank cards and credit cards to compromising online bank accounts. The first line of defense is unfortunately the weakest – the password.  Even with a universal shift to chip-based cards and POS terminals being implemented at most retailers across the country, criminals are finding it easier to create new accounts in a victim’s name and divert the physical card to an address of their choosing (and/or use the card number online to create thousands in fraudulent debt).

So what do I do? How do I protect myself?

  • Create a strong password and never distribute it to anyone
    • The most secure password is the one only you know.
  • A strong password is a complex one
    • Make the password at least 8-12 characters long, use a mix of special characters, uppercase/lowercase, and numbers wherever possible.
    • Examples: iH@v3aStr!onGpa$$w0rd10, ls71p20i#@jjal2210
    • Note that most password utilities hackers will employ dictionary-based attacks, meaning they will attempt to guess passwords based on words utilized in the dictionary.
  • Don’t use just one password
    • Websites are compromised all the time, and even one data breach can cause your password and sensitive information to be exposed. If that information is the same for all of your online accounts, you’ve got a much bigger problem to deal with.
  • Don’t write down your password in plain sight
    • Better yet, don’t write it down at all if you can avoid it.
  • Consider using a password management tool
    • Web services and applications like Lastpass, KeePass, and other credential managers can provide you a password repository to keep your hard-to-remember information at your fingertips while remaining safe and secure. Generally you only have to remember one master password to the repository (don’t lose that!)
  • Consider multi-factor authentication
    • Most services these days utilize some form of notification process and authorization methodology to confirm your identity. This can be in the form of a text message to a cell phone, verification e-mail, or a PIN number in addition to a password. While these can be annoyances, it can really add value as an extra security measure.
  • Don’t bite on the phishing bait
    • Be extremely careful when clicking on links, even if they appear to be valid and from legitimate sites. There are rarely if ever any instances where a company will demand that you login unsolicited. Be smart, hover over a link and see where it goes instead of clicking on it blindly.
    • Example: com (but when you hover over the link with your mouse it says http://stealyourinfo.org/completelyfakesite/donotclick.aspx)
  • Lock down your devices
    • Your information is only as safe as the least secure device you use. Make sure you are using the most up-to-date security patches and updates, and check to make sure there are no known vulnerabilities a hacker can use to compromise your equipment.

Unfortunately, there’s no magic bullet when it comes to cyber security, and it requires a fair amount of diligence, active knowledge, and sometimes just plain common sense. Consider a multi-ringed security approach (like a castle with a moat and a drawbridge) to overcome many of today’s technology concerns.



Back to Blog

Spotlight

Subscribe to our blog

New [eBook]: Tools for Navigating the Class Action Settlement Process

Find Out More

[On-Demand Webinar] Navigating the Settlement Administration Process from Start to Finish

Find Out More

New to Class Action Litigation? Start With Our Free Resources

Find Out More