Welcome to the Covve Security Series, our new blog series on how to protect yourself and your business online. Good cybersecurity hygiene is critical in the age of data breaches, ransomware, and other digital threats. Over the next few months, we will share some quick and easy steps you can take to effectively enhance your digital security and safeguard your data.
Data breaches are on the rise. Almost every day another major security incident is in the headlines. There were over 1,400 breaches in 2019 alone, exposing billions of sensitive records and passwords. Hackers are increasingly using this looted data to carry out credential stuffing attacks, taking databases containing millions of stolen passwords and forcing their way into victims’ accounts.
Since 2017, account takeovers have almost doubled, causing billions of dollars in financial damage. If a fraudster gains unauthorized access to an important account, such as your bank or email account, the financial or reputational damage can be devastating. Protecting customer data is more important than ever for businesses. As more and more of our lives become digital, good digital hygiene is no longer a luxury but a necessity.
So what can you do to protect yourself? The first and most effective step is to set up and use a password manager. Keeping track of dozens if not hundreds of passwords is nearly impossible. Most of us have passwords strewn all over, on post-it notes, in screenshots, or simply just forgotten. Because of this, users often resort to common passwords reused across the web. According to a recent Google report, 52% of online users still reuse passwords across multiple accounts.
A password manager makes all of those headaches go away, while at the same time protecting you from credential stuffing, brute force attacks, and other online threats. With a password manager, you can quickly create strong passwords, fill in login information from your phone and web browser, and securely manage your credentials all with a single app.
Here’s how to get started:
1. Find a password manager that works for you.
There is a wide variety of password managers available. You can choose a free, open source solution or go with one of the more popular, monthly-subscription services. If you want to use a password manager company-wide, many providers offer team subscriptions that make it easy to set up a common password vault, as well as individual vaults for individual employees.
2. Download the password manager app on your phone and browser extension on your computer.
One of the biggest benefits of using a password manager is that it makes it super easy to fill in usernames and passwords online. Download the mobile app on your phone or tablet to login to other apps and websites, as well as install the browser extension on your computer to keep your passwords synced between all of your devices.
3. Create new, unique passwords for all of your online accounts.
After you’ve installed the password manager on your devices, you can add passwords, PIN numbers, security questions, and anything else you need to keep safe. Once you’ve added your accounts, make sure you go through and create new passwords for any accounts that currently use weak or common passwords. With a single click you can generate random, unique passwords for each account.
If you are setting up a password manager for a business, make sure that all of your company’s servers are password protected. Unprotected and publicly accessible servers are one of the most common causes of data breaches and leaks.
4. Stay on top of your password hygiene.
Keep your eyes open for new breaches or leaks. If one of your accounts is compromised, quickly change the password and any security questions you may have set. As you create new accounts, make sure to generate random passwords using the app or browser extension. No matter what, do not reuse passwords across sites.
That’s it, you’re all set. Simply using strong, unique passwords for all of your accounts and the websites you visit will go a long way in keeping you and your data safe. A data breach at one company or website won’t lead to an all-out security meltdown that compromises your entire digital footprint and you’ll never have to worry about lost or forgotten passwords again.