Have you filled out one of those Facebook quizzes recently? You know the ones – what was the name of your first family pet? What street did you grow up on? Which song was at the top of the charts when you were born? They look like innocuous questions, but these quizzes are actually a cunning way for cybercriminals to harvest valuable personal information, including your passwords.
A recent survey conducted by cybersecurity firm HackShield showed that two-thirds of respondents used the same three passwords for all their services and accounts. In our online-first age, this can mean 50+ different sites and applications. And the most popular password choices were personal to the user in some way. Street names, birthdays, pets… just the kind of information those “fun” quizzes ask you to provide.
Hacking techniques and objectives
But it’s not just human intelligence you need to fear the next time you type your childhood dog’s name into your bank’s online interface. Brute force hacking is a tried-and-tested method that is extremely effective in gaining access to your accounts. Using automated software, hackers can test thousands of possible passwords until they hit on the one that works. Brute force attacks are far more likely to succeed if your password is a commonly used one (“password” is a shockingly popular choice) or can be deduced from the information available about you online. And that brings us back to those data-harvesting Facebook quizzes.
A whole other layer of risk emerges when you repeat these passwords across different sites. A simple-to-crack password is bad enough, but if it instantly unlocks a number of essential services, then you’ve just made the hackers’ lives even easier. What’s more, the HackShield survey showed that just 5% of users proactively updated their passwords to keep their accounts even safer. In fact, most people wait until they have already been hacked before they change their access credentials.
Avoiding the risks
Given the risks involved, why do so many people carry on not just using identifiable passwords, but using them over and over again? It’s basic psychology. With so many crucial services now online, internet users fear finding themselves locked out of their bank account, email, or social media. So they pick a password they know they won’t forget and use it for all their most important logins.
But there’s an easy solution that protects you from identity theft, while making sure you always have seamless access to all your accounts. A password manager will generate a random string of characters for each service so that hackers can’t decode your credentials. It will store the passwords for you and automatically fill them when you log in, so you’ll never have to remember them again. And it will also prompt you to update them regularly for extra security.
At Perigon One, we’re always up to date with the latest cybersecurity tools. If you’re looking for support in keeping your passwords safe and your accounts protected, just get in touch.
