Happy New Year to all and to all, stop changing your passwords!
"What" I hear you say "actually stop changing my password often? But you have been telling us for.. years, many years that regular password changes make computers more secure"
Okay we admit it, we have been saying that but, times they are a changin. There are two aspects to this:
1. We (the IT industry) have mostly trained users to create bad passwords e.g. "Password1234". This is because it's just annoying to have to change your password every (x) months. Each time you have to remember your method (shouldn't use a method), then remember your childs birthday (deffinitely shouldn't use that), then in the end you choose something simple because, who has the time. We probably should have been training people to use memorable passphrases, but that time has been and gone, just like that Christmas tree that's dropping its needles everywhere, it's time to throw it out. Most passwords are weak, ergo not much use at all.
2. Cybercrime is rife, and passwords are not enough to protect your most important, and personal information. The UK Office for National Statistics say that in 2017 about 1.23 million incidents related to computer misuse (encompassing child pornography and hacking) were recorded.
in 2011 the most used passwords (according to splash data) were:
in 2018 the most used passwords were
This does not show a great improvement.
The Solution - 2FA
Two Factor Authentication (AKA: MFA/2FA/TFA). This method of signing in requires two things 1. Something you know like a password (or something you are, like a fingerprint) and; 2. Something you own, like a mobile phone or USB stick.
If your password is hacked the wannabe hacker still doesn't have the other half of the solution to log in.
2FA can be really quick and easy to use, as simple as clicking YES on your phone. And from now on, that is how IT companies like us will help protect you.