Securing your accounts better: with or without passwords?

Today, May 7, is World Password Day.

It is a good day to ask a few questions about this method of protection and authentication. With the current trend pushing toward eliminating the password entirely, one wonders whether we can really get rid of it.

In any case, the password is not dead yet and it can still be used. It has existed since 1960, and for a while the explosion of the Internet put the spotlight on this authentication method, which has always gone hand in hand with the login. But the rapid development of digital services, the proliferation of web platforms, and cybercrime's adaptation to poor usage practices have tarnished the image of the mythical password. Users have so many accounts and services that require passwords that they are sometimes tempted to take the easy way out. As a result, we end up with the famous "123456" or "QWERTY" or, worse, the same password used for several accounts. This is clearly dangerous.

Unfortunately, all this has made passwords very easy to hack. Users are regularly put at risk because they do too little, both in building strong passwords and in adopting good practices. "There are also atrocities like qwerty, alert, motdepasse, password, throw and other [my son's first name][his date of birth]. This list includes the 100 worst passwords of 2019. Simple passwords have become extremely easy to break via dictionary attacks. They won't be able to protect your accounts from attacks. It's easy to underestimate the value of the data behind an account that you don't think matters. However, a hacker could use it to get, for example, the answer to your security questions from your inbox," explained journalist Romain Pomian-Bonnemaison.

He advises taking advantage of this day to reset your password. Indeed, this is the flagship advice in managing password authentication: change the password regularly.
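The three habits described above (a password from the worst-passwords list, the same password on several accounts, and a child's first name plus date of birth) can be checked mechanically against your own list of accounts. The following Python code is an added example, not part of the original article; the `audit` function, the account names, and every sample password and personal detail are constructed for illustration.

```python
from collections import defaultdict

# Constructed deny-list: only weak passwords the article itself names.
COMMON = {"123456", "qwerty", "password", "motdepasse"}

def audit(accounts, personal_tokens=()):
    """Audit a mapping {account: password} held locally by its owner.

    personal_tokens: facts an attacker could guess (first names, birth
    dates). Returns {account: sorted findings}; clean accounts are omitted.
    """
    findings = defaultdict(set)
    by_password = defaultdict(list)
    # Ignore very short tokens to avoid accidental matches.
    tokens = sorted((t.casefold() for t in personal_tokens if len(t) >= 3),
                    key=len, reverse=True)
    for account, password in accounts.items():
        low = password.casefold()
        by_password[password].append(account)
        if low in COMMON:
            findings[account].add("common")
        # Remove every personal token; if almost nothing is left, the
        # password is just personal data glued together.
        rest = low
        for token in tokens:
            rest = rest.replace(token, "")
        if rest != low and len(rest) <= 2:
            findings[account].add("personal")
    # The same password on more than one account is flagged on all of them.
    for shared in by_password.values():
        if len(shared) > 1:
            for account in shared:
                findings[account].add("reused")
    return {account: sorted(f) for account, f in findings.items()}

# Constructed sample data, not real credentials.
SAMPLE_ACCOUNTS = {
    "mail": "Lucas14032012",      # first name + date of birth
    "bank": "qwerty",             # on the worst-passwords list and reused
    "forum": "qwerty",
    "shop": "T7#vq9!Lm2x$Rw",     # random, unique
}
SAMPLE_TOKENS = ["Lucas", "14032012"]

if __name__ == "__main__":
    for account, issues in audit(SAMPLE_ACCOUNTS, SAMPLE_TOKENS).items():
        print(f"{account}: {', '.join(issues)}")
```
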

Alternatives to strengthen your passwords

The death of the password has been announced for a while now, yet so far it is still holding up. This is easily explained by the fact that it is rooted in users' habits, so removing it outright could create problems of convenience and adaptation. And while the password alone is unreliable today, combined with dual-factor authentication it becomes formidable. Alternatives that reinforce the password do exist, and they play their role quite well.

– The password manager: this is not really an alternative to the password, since its role is to manage it. Rather, it is an adaptation to the needs of the many users who typically have trouble remembering multiple passwords for their different accounts. The advantage of this tool is that it allows users to vary their passwords, which is safer. Some operating systems, such as macOS, include one natively. Others will even generate passwords for you that you won't need to memorize.

– Dual-factor authentication: this is not an actual alternative either. Rather, in most of the cases we see, it is a way of supporting passwords. When a person tries to log on to a particular platform, such as Facebook, after entering their login and password they are asked to confirm their identity with a code that they receive by email or SMS. It is an extra layer of security that is very useful and is regularly required or recommended.

– Security keys such as Google Titan: these are devices that contain a certificate. They act as a kind of second factor for authentication, but this time with no code sent by email. Simply plug the key into your smartphone or computer and authentication is validated automatically.

On that note, we wish you a good World Password Day. Be careful, and be disciplined.

