Will You Share Your Password?
Just recently, a Member of Parliament in the UK admitted on Twitter that she shares her login credentials to her staff. Her statement shook the Twitterverse with horrified replies from followers and spectators saying it’s a bad idea.
But if you are a person in a high position or title, like a boss, for example, would you really share to your staff your password to your computer?
Yes, because you’re the boss. You have a secretary or a trusted staff member to remind you of whatever things you need to be reminded of like passwords. But not all members of the staff has the same access. You can set a level or degree of access to a person.
But is it necessary? Maybe. There are devices, tools, systems, and websites that may only have one access and sharing login credentials is inevitable.
Maybe not. You’re holding an information that should remain high level. Exposing that information to a staff can pave way to leakages.
Also, sharing login credentials puts the computer and the person or organization at risk. With leakages and data breach being reported, information security has become a social and personal concern worldwide. There are information that has to be kept private and any leak sends people to paranoia. So to prevent such leakages, there are systems that provide different levels of access to multiple users.
No wonder the UK Parliament was hacked last June. Given the situation above, it is just surprising that some people are still naive or take information security lightly.
HOW WE CREATE PASSWORDS
Just look at some of our practices in creating passwords. Instinctively, we would use our names or birthdays or any basic information about us. So passwords like “06Dec_1980” may seem strong but it could be easily hacked because it’s an info about you that could be easily remembered.
We think of easy-to-remember words or phrases as passwords, also. Words like “incorrect”, “password123” or “youshallnotpass” seem intentional pun. But it could be easily hacked, too, for an obvious reason, they’re too easy to remember.
Infosec experts advise to use alpha-numeric passwords that also include special characters like the ampersand, slashes, etc. The longer, the better. This way, the probability of being hacked will decrease to 1 in 1 million or more.
There is also a way to secure any account and it’s called 2-Factor Authentication (2FA). Aside from your usual login credentials, you’ll be asked to put in a code coming from a text message from your cellphone. This way, it guarantees that your account is safe.
However, many skip the 2FA for an obvious reason: a little bit cumbersome. You have to wait for the message to come into your cellphone before logging in fully. But what if your cellphone was stolen? How can you get through the 2FA security? Tough luck!
More so, how will you be able to memorize different passwords for different systems or sites? So your tendency is to use just one password for all. But that is also a bad idea, experts say.
And your last resort? To write down all your passwords in one place, probably an app like Evernote or any notebook or password management app (which also requires a password, too).
Would you still share your password?
Pingback: Is your website pwned? - 3w Today