Is My Password Secure? Guide to Authentication Protocols

The use of passwords is essential in today’s world, from using your computer to accessing Wi-Fi. However, you should be careful with your personal and business information because hackers want to get your password.

Since 2005, over one billion records have been exposed by hackers, according to the Identity Theft Resources Center. It is reported by survey respondents that 90 percent of respondents think they had suffered some sort of computer hack in 2015. Password security should be the most important task a computer technician networking specialist does at an organization.

There are some ways to prevent your password from being compromised by hackers, phishers, and keyloggers. Proper use of an authentication protocol is key to keeping personal and business information safe. Make sure to pick a strong password, and don’t share it with anyone. Also, cloud-based password management programs are available to manage the many passwords you may have for everyday life.

Are you asking yourself, “Is my password secure?” Interested in learning more about becoming a web developer? What you need to know about becoming a web developer.

Is My Password Secure?

To hackers, getting a password to a computer is like knowing the combination to a bank safe full of your personal information. Once they get into your computer, they have access to your personal information, Social Security number, bank account information, all the emails that you sent, and any photos that are on your computer. The act of using this information through unauthorized access is identity theft.

It is important for the computer technician networking specialist at an organization to train employees in the best ways to create strong passwords and secure their computers from hackers.

Hackers have many different ways of getting your password, including dumpster diving (don’t put anything with your password on it in the trash), software tools that guess passwords (don’t use common words, street addresses, or other personal information in passwords), and brute force attacks (trying every combination of the password based on the characters available). The most common hacks are phishing and keylogging.

What is Phishing?

Phishing is when a hacker obtains your user ID and password through an email or instant message that has a specific link. Once you click on the link, any time thereafter that you enter any personal information or log into your computer or other software program, a hacker can see your password and then has access to your personal information.

A hacker may pose as a representative from an official organization, like your bank or an online payment service. Legitimate businesses will never ask you to give your personal information in an email or instant message. If you suspect that an email or instant message is fake, you can contact your representative at the company, and the rep will be able to tell you if the email or message was real or not.

What Is Keylogging?

Keylogging is the use of software that secretly records a user’s keystrokes and sends that information to a hacker. It starts with the hacker’s sending you a link in an email or instant message. Once clicked, your computer downloads a Trojan horse program without your knowledge and then begins to record all keys you tap on your keyboard.

A keylogger—what this malicious software is called—can also be secretly embedded in software downloads that otherwise seem harmless, so be careful what you click on or download.

Authentication Protocols

An authentication protocol refers to any method that confirms a person’s identity using something the person knows or possesses or anything else about the person. It can include a password, PIN, or a biometric scan of the face, eyes, or fingerprints.

The use of two-factor authentication makes hacking more difficult. An example of this is requiring both an ATM card and PIN number to access a bank account. Most computer related security relies on a user ID and password. The security of this single-factor authentication is up to the user’s ability to create a strong password and manage it properly.

What Is a User ID?

A user ID is a series of characters that become the computer user’s unique identity, similar to a Social Security number. User IDs are usually public, so they do not offer any level of security.

What Is a Password?

A password is a secure series of characters that verifies a user ID. If a password is supplied by the IT department, employees should pick a unique password that only they know. It is acceptable to have an admin password, however great care needs to be taken with admin passwords, as they can open up almost any computer in an organization.

If you forget your password, the computer or program may ask you to answer a personal question to identify you. Once you answer the personal question, you will be able to pick a new unique password. This is an alternative authentication protocol to make sure that the user requesting a new password is not a hacker.

Password vs. PIN

Both passwords and PINs are single-factor authentication methods. However, PINs tend to be a short sequence of numbers that can be entered using a numeric keypad. A PIN, used in conjunction with another authentication method, furthers protects against entry by hackers. A password is usually a longer sequence of letters, numbers, and special characters. A password is more elaborate because it is used only as a single-factor authentication method.

Creating a Secure Password

According to StopTheHacker.com, it takes only ten minutes to crack a lowercase password that is six characters long. A very secure password, one that takes 44,530 years to crack, is a nine-character password with lowercase letters, uppercase letters, numbers, and symbols included.

A strong, secure password is one that is easy to remember but difficult to crack. It is recommended that a password be at least eight characters in length and include numbers, uppercase letters, lowercase letters, and special characters.

To easily remember a password, it is recommended that employees use a phrase and replace parts of it with uppercase letters, lowercase letters, numbers, and special characters. Do not use any public information like phone numbers, Social Security numbers, driver license numbers, or birthdays. Avoid using any part of your user ID within the password.

Once employees create a secure password, it is important for them to keep it safe. They should not share their passwords with anyone, and avoid writing them down. It is also recommended that passwords be changed every six months.

Further, each user ID should be paired with a unique password so hackers can’t get one password and then access all your other accounts. If something is not important, you can use a short character password, but for important personal information use a stronger, more secure password.

Password Management Software

Your computer’s operating system and web browser allow you to remember passwords with a password manager. The drawback to this is that when you want to access the same sites or programs from another computer, you may not have access to the password manager.

The answer to this problem is to use cloud-based password management software. Many cloud-based password software programs use encryption to keep your passwords safe from hackers. Further, you can use hard-to-remember passwords, since the password manager software program will remember them for you.

There are many different free and paid password managers. RoboForm is a common password manager that not only secures your passwords but offers a digital wallet to keep your money safe, too. Another option is use of a USB flash drive with a password manager. This allows you to protect your passwords and carry them with you everywhere you go. No cloud-based password manager for hackers to break into.

It is very important to keep your passwords secure, both for the sake of your personal information and that of the business you work for. Hackers are always trying to get your passwords, whether they are digging through your trash or sending you unauthorized emails with links to Trojan horses. Make sure to use a strong password, and don’t share it with anyone so you can keep your computer safe from hackers.

Interested in learning more about authentication protocols and password security? Ready to start a Computer Technician Networking Specialist program? The Computer Technician Networking Specialist program at Hunter is designed to prepare computer networking students for entry-level positions in the fields of electronics, computer technology, and networking.

Computer networking students spend half their time in a hands-on, practical lab environment, which emphasizes the material covered in lecture, and through homework. Graduates are prepared to pass the CompTIA (Computing Technology Industry Association) A+ certification exam.

Contact us today to find out more about how to become a computer technician networking specialist on Long Island.