Keeping your account secure with a strong password is highly important, but many people don’t know how best to do it. As a result, we have put this guide together showing some of the best security practices that will help keep your iCE3X account safe. Plus, these tips don’t just apply to your iCE3X account, they apply to all of your online accounts. Thus, this guide will help you stay safer while browsing the web and creating any online accounts that require a password.
Choosing a Strong Password
Hackers have 2 default ways to get into your online account. They will either: attempt to guess your password (these are usually personal attacks), or they will ‘brute force’ attack your password (trying all password possibilities). This is why using a strong password will make it extremely difficult for someone to guess. If your password is configured correctly, you could even make it brute force proof, taking decades for it to be broken.
A strong password is long, complicated, and unpredictable.
There are many do’s and don’ts when it comes to choosing a secure password for your online account. Some of these are:
- Use a combination of letters, numbers, symbols and upper case and lowercase characters.
- Make sure you use a different password for each online account you create.
- Use unpredictable passwords
- Make your password longer than 12 characters
- Change your password regularly
- Look into using a password generator (some password manager apps/programs offer this feature)
- Make sure the strength of your password is deemed GOOD by the website you’re using.
- Repeat 1 password for all your online accounts
- Use predictable or common words for a password
- Settle with the default password
- Use a password with less than 12 characters
- Keep your passwords for over a year
- Enter your password in a public space
- Share your password with anyone else
- Use the same words twice within a password
What should a strong password look like?
Nowadays, ‘good passwords’ are hard for people to remember but easy for computers to crack. This is most likely why most people use the same password for all of their accounts. A simple yet innovative way to create a strong password is to follow this image:
This image demonstrates how easy it is to create a very strong password. After all this time, most of our passwords are simple 1-word strings of text and numbers. For a hacker using a brute force attack, cracking passwords like this is easy. This method of creating a strong password plays to the computer’s weakness, as well as any personal attacks. In the first tile, you can see a 1-word password, the most common type used today. The problem with this, however, is that it’s highly predictable.
Most people will capitalize the first letter of their passwords, they often swap out letters like the ‘o’ for the ‘0’ and other common substitutions, then end the password with a number and a symbol in any order. If you’re feeling nervous about your password choices, you should be. But it’s normal. Humans choose passwords that are easy to remember for convenience, then try to spruce it up with some numbers to make it ‘more secure’.
Man Vs. Machine
The problem with using passwords like in the first tile of the image is that it has around 28 bits of entropy. This means that a machine would take about 3 days to crack this password if it was doing 1000 guesses/second. This is an easy crack for a hacker using a brute force attack. However, once using four random words, you bring 44 bits of entropy to the table. For a computer to crack this at 1000 guesses/second it would take 550 years. While passwords like this can be somewhat hard to remember, you can combine this method with the passphrase method and you’re good to go.
Now, if you wanted to make it even more secure, you could add a few more things such as; A combination of both uppercase and lowercase letters, and numbers and symbols. If you’ve ever used a password that was weak (something everyone has done), it was more likely for convenience rather than not wanting your account to be secure. It can be tricky to remember passwords after all. Luckily, there are several ways you can keep all of your passwords without needing to memorize them:
- Write your passwords down (and make sure you keep them hidden, far away from your computer)
- Use passphrases (instead of using words, use a long phrase as your password)
- Use a password manager (program or app used to securely store all of your passwords)
Keep your passwords secure by using a mix of numbers, letters and symbols. Try to use phrases for your protected passwords. An example of a safe password is AdvancingT3chnologyAcros5Oklahoma! pic.twitter.com/JoC9AlDGxA
— OneNet (@OneNetOK) January 15, 2019
The Most Secure Password Option
Of all the three options for remembering your passwords, we believe a Password Manager is your best option. While writing down your passwords can be somewhat secure if you don’t leave them in an easily accessible location, but it’s still a risk. If someone were to break into your house and find all your passwords on a piece of paper next to your laptop, they would have hit the jackpot. In addition to this, when you’re out and about, you won’t be able to look at your passwords.
Passphrases are long, memorable phrases using dictionary words. However, it is much harder to guess than a short password. An example of this would be if your cat’s name is Sensi, a variation of this (Sensi123) is both weak and predictable. On the other hand, turning this into a passphrase (Sensi2c00l4sch0ol) is significantly more secure. The only downside is that passphrases are often harder to remember, but it’s well worth it.
Password managers are the best option of the three. They allow you to use complicated passwords without having to remember them. These managers are usually a program or a browser app that records and auto-fills all of your password information for you.
Some people worry about using a manager because the company might get hacked and lose all their passwords. This is a valid concern, but a password manager is still more secure than trying to remember all your individual passwords. They use strong encryption methods.
It is important to note that you need to keep your password manager account as secure as possible. Be sure to make that one the strongest password you can think of, and turn on two-factor authentication as well.
Protecting Your Passwords From Phishing
Phishing is the term for when online criminals attempt to get their hands on personal information. This usually consists of bank details and passwords. Most phishing attempts are seen on fake websites, direct messages, emails, and even social profiles. Most financial services and cryptocurrency exchanges find this to be a large problem as hackers phish for wallets. Regardless of if your passcode is secure or not, you’re still at risk of a phishing attack.
We have talked about how best to avoid a phishing attack previously, but here is a summary:
Always remember to:
- Make sure the web address in your browser is correct. To be extra sure you’re not on a fake website, type the web URL (e.g. iCE3X.com) directly into your browser instead of searching for the name. Sometimes if you’re on a fake website the link will look similar (e.g. lCE3X.com) so you should stay vigilant.
- NEVER send your password to anyone at any time. Be that by email, an instant message, text or over the phone. Most companies you have an account with would never ask for your password. Instead, they would tell you to reset it by sending a reset link to your email.
- If you’re not sure about an email you’ve received, don’t click any links on it. Some of these links can link you to malware, fake sites, and many more possibilities. It’s best to stay away from these emails. Type these links directly into your browser instead, or if you’re tech-savvy, use a virtual machine.
- If you think you’re on a fake log-in screen, enter an incorrect password. If it logs you in, you were on a fake site.
2 Factor authentication adds an extra layer of security to the login process. After you enter your username and password, before you can log in fully, you must complete 2-factor authentication. This will usually require you entering a passkey sent to you via SMS or an app like Google Authenticator.
Turning on two-factor authentication (2FA) is crucial when it comes to securing your accounts.
While it’s true that 2FA makes the log in process more time consuming, it’s essential for securing any of your important accounts. If you use email, online banking or even your iCE3X account, enabling 2FA is important. If someone gets access to your computer from a remote location, they probably won’t have access to your phone. With 2FA enabled, getting hacked is like getting a text to change your passwords.
Do you have 2FA enabled? And how secure have your passwords been? Let us know in the comments below!
The post Best Tips on How to Choose Secure Password! appeared first on Cryptocurrency exchange: buy/sell/trade bitcoin & altcoins | iCE3X.