Authentication
Authentication is the process of identifying yourself to a computer. In most cases this is done by a user id and a password. However, this process is constantly under attack by hackers. Obtaining user credentials is one of the main goals of any network attack. Weak authentication means that your credentials are at risk. Strong authentication makes your credentials a more difficult target.
Password re-use
There are so many services that require a user id and password that it is tempting to use the same values for multiple services. This may be convenient, but it is a bad mistake. Hackers learn to try the credentials they have obtained from one service on other services. As a result, a simple intrusion can turn into a major threat.
So what can you do? One solution is to use a password manager. These are programs that can remember your credentials so you do not have to. You do have to remember the password to open the app and access your list of passwords. Some password managers will create passwords for you.
Here is a link to an article on the best password managers of 2017.
Another approach is to put the credentials in a simple text file, then encrypt that file or put it in an encrypted folder. Now you only have to remember the password to decrypt that file. What I like about that approach is that other information, like lock combinations, can also be stored there.
Selecting a strong password
Many systems require that a password be at least 8 characters long. In some cases mixed character case, numbers and special characters are required. The idea is to thwart the basic dictionary attack, where a list of words is used to try to crack your password. The ultimate method of password-cracking is the brute-force approach, where every possible combination of characters is tried. This is where having more characters in the password is important. With every extra character the computing power needed to crack the password grows exponentially.
As a result, many security professionals are recommending the use of a pass phrase instead of a password. The method I recommend is to find a song, poem, or other item that you can easily remember. Then use one or more of the lyrics or lines to construct your pass phrase. As an example, I may use the phrase "Lady Madonna children at your feet." This phrase has over 30 characters and would be hard to brute force. You may also substitute characters and come up with "L4dy M4d0nn4 ch1ldr3n 4t y0ur f33t". By remembering the song, the lyric, and your method of changing some characters, you can easily construct extremely secure pass phrases.
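The growth in brute-force cost with length can be put in numbers. The following is an added example, not part of the original article; the guess rate and the 8-character sample password are assumptions, and the estimate covers exhaustive search only, not the dictionary attack mentioned above.

```python
import math
import string

# Assumed attacker speed, for illustration only (guesses per second).
ASSUMED_GUESSES_PER_SECOND = 1e10
SECONDS_PER_YEAR = 365 * 24 * 3600


def alphabet_size(password):
    """Size of the smallest set of ASCII character classes covering the password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 symbols
    if " " in password:
        size += 1
    if size == 0:
        raise ValueError("empty password or no recognised ASCII characters")
    return size


def search_space_bits(password):
    """log2 of the candidates an exhaustive search of this length and alphabet covers."""
    return len(password) * math.log2(alphabet_size(password))


def years_to_exhaust(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Worst-case years to try every candidate at the assumed guess rate."""
    return alphabet_size(password) ** len(password) / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    samples = [
        "Xy7#kQ2!",                             # constructed 8-character password
        "Lady Madonna children at your feet.",  # pass phrase from the article
    ]
    for pw in samples:
        print(f"{len(pw):2d} chars, alphabet {alphabet_size(pw):2d}, "
              f"{search_space_bits(pw):6.1f} bits, "
              f"{years_to_exhaust(pw):.3g} years")
```

Each extra character multiplies the search space by the alphabet size, which is why the 35-character phrase is far beyond the 8-character password even though both use mixed character classes.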
Two-Factor authentication
One of the strongest approaches is to require two forms of identification for authentication. A common approach uses your cell phone or another mobile device. You first enter your regular credentials, then a code is sent to your phone by SMS. You enter the code and you are fully authenticated. This method will foil those who manage to access your credentials. Since they cannot provide the second factor (the code sent to your phone) they cannot compromise your account.
Google and many other services provide for two-factor authentication. If it is available you should consider using it.