The gaffe that made waves online: passwords in plain sight in an official picture. Specialists debunk a myth

An image published by the mayor of Sector 6, Ciprian Ciucu, intended to show the activity at the Intervention Center during the storm, revealed something else: a few passwords that should have been confidential. Printed passwords are an example of “how not to do it”. What we can do instead to protect our online accounts is explained by Silviu Stahie of Bitdefender.

The image that sparked reactions on the Internet. Photo: Facebook/Ciprian Ciucu

The image published by Mayor Ciprian Ciucu drew reactions quite different from those expected. People noticed the passwords and commented online:

“I find it super fun to write Enter after IP”, “Amateurs. Everyone knows that the password is held on a post-it, under the keyboard” and “Finally, a security implementation that really reflects the level of local digitization”. These are just some of the comments on the Reddit platform.

Detail from the photo published by Ciprian Ciucu


What are the best passwords

Silviu Stahie, a computer security specialist at Bitdefender, explained for Adevărul how we should set our passwords to protect ourselves online.

What does a safe password look like?

There was a time when security specialists recommended very long, very complex passwords. This is not necessarily valid. More important than long passwords are unique passwords. We should have unique passwords for each service. And this is a much larger security hole than simplistic passwords. “According to the studies we have done in the market, around 40% of users reuse the same password for several online services. And when one service falls, other services to which we are subscribed fall as well. And the attackers know this very well. to the email, and elsewhere,” explains the specialist.

Use your password manager with confidence. It does not matter whether it is one integrated into the browser or a paid one, because it means we only ever have to remember a single password, the one for the manager. In this way we can protect ourselves much better than by setting long passwords, which in theory are hard to break, he says.

Unique does not mean adding a “1” to the password we have just set, because the attackers know these things and try them. With “1”, with “2”, and with “3”, because they know that these are very well-known habits.

Silviu Stahie, computer security specialist


How useful is two-step authentication?

It is a mandatory method, more than recommended for any service that offers this solution. But not all such solutions are equal. Of all of them, multi-step authentication by SMS is considered the weakest. There are cases where access to the phone number can be lost and passwords can be intercepted over SMS; this is the main reason why it is considered less safe. If we have a choice between several options, it should come last. If we have no choice but the one by SMS, then this is better than nothing.

There are countless dedicated multi-factor applications, both free and paid. Any of them is very good as long as it does its job, namely to put up another authentication barrier if you lose your credentials. For someone to get through multi-step authentication, they would also need physical access to your phone, for example.

How should public institutions protect themselves?

Public institutions are organizations. And each organization, whether it is public or private, has to proceed. “The main method of defense against cyber attacks is to educate employees. Private companies, for example, have occasional tests in which employees receive an e-mail that is sent especially so that you do not know what to do. There are ways to educate employees, to be at least suspicious when they receive a message,” the expert says.

The IT department can require the organization to change passwords regularly and not allow the same password to be reused when it is changed. There are many policies of this kind that can be implemented, but it depends on each organization, he adds.

How often do we need to change passwords?

“In the case of companies or institutions, it is not a bad idea to change them periodically. As users, we should not change our passwords often. Use the password manager, generate unique passwords for each, do not have dozens of characters, use the password manager’s suggestions and do not rack your brains over changing passwords,” states Silviu Stahie.

As an aside, in recent years many services have appeared that monitor the online space for security breaches and notify you when your password or email appears in one. It is a very useful tool because you are kept informed.

“As long as we take a little care of our online presence, we should not be very careful about the passwords,” he concludes.