Your online security is only as good as your password.
The top three most commonly used passwords in 2013, according to Kristin Judge of Opcio Consulting LLC, are “Password,” “123456,” and “12345678.”
The theater at Ashland’s Strategic Air and Space Museum erupted with laughter. But this is no laughing matter, as underscored at the National Cyber Security Alliance’s Wednesday event, one of 10 being held across the country.
A national survey by the Pew Research Center found that in 2013, 21 percent of Internet users who are 18 or older had an account compromised. Verizon Communications mentioned in its annual Data Breach Investigations Report that “2013 may be remembered as the ‘year of the retailer breach.’” Some of last year’s more widely known data breaches include hacks on companies like Apple, Microsoft and U.S. tool vendor Harbor Freight. More recently, hackers breached Target, stealing 40 million credit card numbers.
In her presentation, Judge explained how the “bad guys” can use something called a rainbow table to quickly hack all of a person’s accounts if each account uses a simple variation on the same login password.
“Unless your password is 12 characters long, has one capital letter, one lowercase (letter), one @ symbol, a dollar sign and a number,” she said, “they can hack your password in less than .002 seconds.”
Ronald Woerner, Bellevue University’s Cybersecurity Studies program director, said an easy way to add more security to online passwords is to use a two-factor authentication.
“That two-factor (authentication) provides an extra layer of security,” Woerner said. “When you type in your password to a particular site, say Google or Gmail, you would then get a text. The text has a PIN that you would type in with your password — and the PIN keeps changing. So for me to infiltrate your account, I’d need to get in to your phone as well.”
A crowdsourced list of sites that offer the extra secruity can be found at TwoFactorAuth.org.
“You want to make yourself as hard a target as possible,” said Justin L. Kolenbrander, a supervisory special agent with the FBI’s Cyber Task Force. “If you can make yourself a hard target, with two-factor or even more factors of authentication ... (hackers) will move on.”
None of the panelists Wednesday claimed that taking every precaution would make a person’s accounts unhackable, only that there are ways of making a hack less likely.
“This is a thing you can’t see,” said Jim Hegarty, president and CEO of the area Better Business Bureau. “It’s invisible, it’s happening underneath the surface, but it is happening.”
To those who are afraid of having their online identity hacked, Hegarty said the fear is legitimate. “But it doesn’t have to imprison you. You need to make sure you are as tuned in as you can possibly be to the most up-to-date protocols to protect yourself.”
For more information and tips on staying up on the latest ways to protect yourself, go to the National Cyber Security Alliance’s website, StopThinkConnect.org.