In light of the recent data hacking controversy involving Australia’s second-largest wireless carrier - Optus, it was a shocking yet very important eye opener for all of us to ALWAYS create a kick-arse password combination that’s not easy to guess by a system or anyone.
According to the Herald Sun, there were approx. 9 million Australians who’ve had their data compromised. YIKES! So we invited tech guru and owner of XYZulu, Brad Baker, as our guest on Business Bite-Size live-video-podcast because he’s an expert of all things online privacy.
Hacking and any other cybersecurity breaches have always been an issue, not just in our country, but all around the world. These hackers don’t necessarily choose a company with lacking security, but “the weak link is usually humans,” as stated by Brad.
“People have done something to allow the system to be accessed by a third-party, accidentally or something (else).” (Brad, XYZulu)
You have to remember that the online world is not a safe place. There will always be some vulnerability, especially if you’re not paying close attention to the links you’re clicking, the information you’re consuming/sharing, and the passwords you’re creating. Your password is very IMPORTANT as it’s one of the best ways to protect your system and avoid getting hacked.
“At the end of the day, it is humans who have to manage the systems.” (Jenni, Elephant in the Room Consulting)
Q: Is it okay to have the same password for all my accounts?
Having only one password for all your online accounts is the worst thing you can do. You’d rather have all your passwords written on a piece of paper, than to have the same password over again!
“If your password is compromised in one of those places (online accounts), and you used the same password for your internet banking, join the dots!” (Brad, XYZulu)
In short, you have to have a unique password for each of your online account.
|Top tip: You must be able to remember two passwords: the password to your password manager, and the password to your most important online account.|
Q: How to create a strong password?
You need to have unique and random passwords that you can get through a password manager, but there are also ways that you can have strong passwords that you can easily remember.
These passwords could include
- The three most meaningful words to you
- Combine them with a hyphen (-)
- Add numbers and special characters
BUT again … you have to remember to not use that same password in more than one account.
Q: Can I share my account with someone without actually sharing my password?
Yes, you sure can, through a password manager like 1password, or LastPass.
|Top Tip: Do not EVER share your passwords with anyone!|
As well as passwords, we now have multi-factor authentication that you can choose to activate. Do this!!
Q: Do I have to use two password managers to be more protected?
Not necessarily. You can just use one that you trust, and make sure that you remember your password to that manager as most of your important passwords will be stored there.
Q: What is multi-factor authentication? Is it helpful?
As defined by SailPoint, multi-factor authentication is a high-level assurance method that uses more system-irrelevant factors to legitimise online users.
Unlike two-factor authentication, multi-factor authentication uses more than two authentication methods, making it more difficult for online trolls to hack an account.
The most common multi-factor authentication that people know about is the SMS authentication. However, this is not the safest method to choose. Take, for example, what happened with Optus, a lot of people’s phone number were breached, and if those hackers know your password, they can easily access your account even if it has an SMS code authenticator, because they also have access to your phone number! Crikey!!
“SMS is not really the standard for multi-factor authentication anymore, and hasn’t been for a while.” (Brad, XYZulu)
Here are multi-factor authentication examples:
- Answering personal security questions
- Providing a password
- OTPs or One Time Passwords
- USB, Access badges, Smart Cards or security keys
- Software tokens and certificates
- Facial recognition
- Voice recognition
- Behavioural analysis
This is a YubiKey authenticator that Brad recommends, click here to learn more about it.
Watch this episode of our Business Bite-Size on Youtube:
Or listen to our podcast here: