As a student in the year 2018, you probably have a huge presence in the digital space. You may have passwords for different social media sites (e.g. Twitter, Facebook, and Instagram), passwords for file-sharing services if you collaborate with many other students frequently (e.g. Dropbox), and various email accounts as you aim to separate your work, personal, and education-related emails - not to mention Academia.edu and LinkedIn accounts if you're looking to start networking early.
According to a 2017 LastPass report published by Security Magazine, the average business user has 191 passwords to keep track of. A massive 81% of data breaches are due to passwords, meaning that all of your different passwords may be potentially offering an open door into your accounts - unless you employ proper password security.
Although it may seem like hard work due to the large number of passwords that you have to remember, picking a good password doesn't have to be much effort. OWASP is a non-profit that offers info on app security and it is one of the main figures that encourages digital companies to exercise proper security practices, including password reset tools. It recommends that the passwords include at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character (including spaces and special characters), are at least 10 characters, and are no longer than 128 characters. It even suggests that there are no more than two identical characters in a row, for example, the number 111 would not be proper protection.
Other best practices include not using the same password across multiple accounts. The reason that using duplicate passwords is so inadvisable is that if one platform is hacked, then the hackers may use that password to access all of your other accounts as well. For example, with the Equifax hack that impacted 143 million Britons, there is a real fear that the passwords and details gathered here will leave people vulnerable to future data breaches. It's also suggested that you don't list the passwords that you use in plain text; if your device gets infected with malware, it may be able to access this information, putting your accounts at risk.
The reason why groups like OWASP are so adamant about proper password security is that passwords are used to secure so many of our digital accounts. Although many platforms offer two-step verification, where you receive a text when an unrecognised user tries to log into your account, many do not, making passwords the only line of defence that we have.
Imagine what would happen if someone logged into your Google account and deleted the reports you'd been working on for a class? Or stole the highly classified research you'd been working on in the lab? Or what if they weaselled their way into your social media, posting spam or offensive messages that would impact you when you tried to enter the workforce as a post-graduate? These are terrible outcomes but ones that can largely be avoided by practising proper password security.
No comments yet. Be the first to post a comment