It’s Cass again. I hope you enjoyed my first article, “Your Start to Better Personal Security”. In today\\\’s follow up we will be discussing . . . password security!
I know, I know, we all use passwords everywhere all the time, and surely you know how to pick a good one. Besides, what does my password have to do with my crypto? Well, I’m glad you asked; your private keys are only as secure as your local machine. You have to set up your access to MetaMask using a machine, and once MetaMask is functioning, you access it using your password. Those actions make your password a very need-to-know piece of information, and no one needs to know that information but YOU!
So, what are some reasonable steps to take regarding creating and managing your password security?
How strong is your password?
First, your password becomes much much stronger the longer it is and the more special characters you include.
Here\\\’s a trick: create a sentence that is easy to remember and 1337 Sp33k it! But, make sure it isn’t a famous quote or song lyric those are often found in lists that are used to try and crack passwords. An excellent example of a strong password is “Th3_f@RmEr’s-Dau73r_we4T~t0_$Ch0oL”.
You should change your password regularly. So, let\\\’s discuss creating replacement passwords. When creating new passwords, do not use the same structure. For example, from the earlier used password, “the_FarM3R’S_d@u7eR_wEnT-t0~Sch00l”. Using the same password structure increase the attacker\\\’s chances of determining your password. Do not reuse your passwords.
Where is your password?
Second, you want to create something that you can remember easily, which is why a phrase is helpful. It becomes less secure if you have to write it down or store it somewhere. Think about the person who breaks into your home and sees your password written next to your laptop; this password is the same password for everything. Now he has access to your online fiat banking, crypto, and anything else you might use your laptop on.
What about those who save their passwords with services? Sure, they claim to be secure but so did Equifax.
What happens when they get breached? All of your passwords become compromised.
With those things in mind, it\\\’s clear that storing your passwords outside of your mind is not the best route. If you must save your passwords, keep them on a password-protected encrypted drive that is disconnected from everything and locked in a safe (preferably at another location).
Beware the malware!
Now you have a solid password; you’re not writing it down and you\\\’re not storing it anywhere. That has to be safe, right?
Wrong. You still need to consider malicious software. You may be targeted and receive attacks via your computer. Your antivirus and all other malicious software protection methods must be kept up to date to best protect yourself from being infected.
Password Security Final Risks
Finally, that leaves us with only two more possibilities. Another service gets breached, and your data gets leaked. You can take other PerSec measures to limit the fallout, but you can’t control the data once placed in someone else\\\’s control. Then there is you, and you are your most significant security risk.
Till next time continue to ask yourself, What if….?
If you\\\’d like to discuss this article, join us in our Discord thread on the topic! We want to know your takes on password security!