Account privacy should ALWAYS be a priority. Hackers have many reasons to hack (steal/leak info, disruption, money, politics, etc.). Let’s dive into how it happens and what YOU can do to help secure what’s YOURS.
HOW ACCOUNTS ARE HACKED
Brute-force attack: An attacker repeatedly submits passwords in the hope of guessing correctly. The computer can do the work of generating the passwords. TYPICALLY, passwords are hashed and stored in a database. So when you go to log on to your account, the process might look like this:
WHAT IS A HASH?: A hashing function is a mathematical algorithm that takes input data and converts it to a fixed-size value (in this case, a string). It is a one-way function, which means it CANNOT be reversed once hashed.
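
The hashed-password login check described above, as an added example that is not part of the original page. The user names, the in-memory `USERS` store and the iteration count are assumptions. It goes one step beyond the text by adding a per-user salt and a deliberately slow hash (PBKDF2), which is what makes each brute-force guess against a stolen database expensive.

```python
import hashlib
import hmac
import os

# Constructed in-memory "database" (assumption): username -> stored record.
USERS = {}


def sha256_hex(password: str) -> str:
    """Plain, unsalted SHA-256: same input always gives the same 64-hex-char value."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def register(username: str, password: str, iterations: int = 200_000) -> None:
    """Store a random salt and a slow PBKDF2 hash, never the password itself."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    USERS[username] = {"salt": salt, "iterations": iterations, "hash": digest}


def login(username: str, password: str) -> bool:
    """Hash the submitted password the same way and compare with the stored hash."""
    record = USERS.get(username)
    if record is None:
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    # Constant-time comparison: does not reveal how many bytes matched.
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    # Constructed sample accounts; both users pick the same password.
    register("alice", "BlueSky22")
    register("bob", "BlueSky22")
    print("correct password:", login("alice", "BlueSky22"))
    print("wrong password:  ", login("alice", "BlueSky23"))
    # Unsalted hashes of equal passwords are identical, so one cracked hash
    # exposes every account that reused it; salted hashes differ per user.
    print("unsalted equal:", sha256_hex("BlueSky22") == sha256_hex("BlueSky22"))
    print("salted equal:  ", USERS["alice"]["hash"] == USERS["bob"]["hash"])
```
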
STRONG PASSWORD
Even if your password is not easy to guess, that does not mean that it is strong. BlueSky22 might not be easy to guess by a human, but a computer can crack this within 3 days (approx). A great password consists of uppercase & lowercase letters, numbers, and symbols.
Consider creating a phrase that contains a mixture of characters. For example: 1tsrAIn1NGcts&DGS! (It’s raining cats and dogs!) takes 36 QUINTILLION YEARS.
UNIQUE PASSWORD
DO NOT reuse the same password for other accounts! Imagine that your Instagram is hacked and you used that same password for your email account. That account would be EXTREMELY vulnerable. Let's talk about email accounts. The password for these should be undoubtedly strong and unique. If it’s compromised, one may be able to gain access to all other accounts just by requesting a password reset link.
PASSWORD MANAGERS
Many use their notes app to store their passwords. To add another layer of security, consider using a password manager like Dashlane, 1Password, LastPass, or the one that comes with your device. You can also look for open source solutions (Bitwarden, KeePassX, etc.). Do your research and make a decision that works best for you.
MFA (MULTI-FACTOR AUTHENTICATION)
MFA is a method of authentication where the user must provide multiple credentials to be granted access. With MFA turned on, an extra layer of security is placed on your account.
The most common MFA is 2FA (Two Factor). For example, I have 2FA enabled on my Instagram account. When attempting to sign in, I receive a text message that contains a security code. To successfully sign in, I must type in the code on Instagram.
Plain text password | Hashed Value (SHA256) |
---|---|
BlueSky23 | 4ea43b6ae3a822b590102004398090f9cce0e13737a47cb2ca14a186f231e1b9 |