Password Safety

Do we need strong passwords?

Passwords are required to live in this day and age. Strong passwords even more so. To start, we need to know how passwords are stolen by hackers. The most common way hackers are able to ascertain your information is through data breaches for certain sites (e.g. Facebook, CyberLovers, Roblox, Instagram, TikTok, etc.) 

A good way to test if one of your accounts have been breached is the site: https://haveibeenpwned.com/. Entering your email(s) into this site will reveal whether or not your account has been compromised and the websites that account was breached on.

Why do we need 2FA?

2-factor authentication, also known as 2FA is a process that can make your accounts more secure outside of passwords. 2FA adds an extra layer of protection to your accounts which changes the normal 1-step process of logging into the account. Instead, 2FA will include an extra step to make sure that the person logging in is actually you.

Examples of 2FA

• Biometric scan (fingerprints, voice, facial recognition)

• CAPTCHA

• Keycards

• Personal security questions (What city were you born in? What is your date of birth? What is your pet's name? Can I have your house keys?)

• SMS/Voice one-time passcode (OTP)

Authenticator Apps & How They Work

Authenticator apps like Google Authenticator, Twilio Authy, Microsoft Authenticator, Duo Mobile, etc. uses the SMS/Voice one-time passcode (OTP) 2-factor authentication. This 2FA method is done through text-based messages where a code would be sent to you via messages.

What do authenticator apps do?

Apps like Authy or Google Authenticator will have the codes inside the app instead of a text like normal one-time passcode (OTP) types. These authenticator apps will give a set of passcodes for you to use to verify your account. The codes change every 30 seconds or so which toughens up your account's security. It's near impossible for hackers to be able to ascertain the code if it changes often.