Protecting Your Data With Strong Passwords and Multi-Factor Authentication

Protecting Your Data With Strong Passwords and Multi-Factor Authentication

Published October 31 2024

Last year, 17 billion personal records were compromised in data breaches, according to Flashpoint’s 2024 Global Threat Intelligence Report. As we rely more on digital platforms to manage professional, personal, and social aspects of our lives, and as cyberattacks remain a threat, it becomes increasingly critical to protect sensitive information from unauthorized access. Implementing strong passwords — and good password management — is perhaps the most obvious place to start securing accounts. Multi-factor authentication, or MFA, is another valuable tool to protect your data. However, the powerful combination of strong passwords and MFA provides a higher level of security and the ability to thwart cybercriminals.

What Makes a Strong Password?

Length, randomness (or seeming randomness), and uniqueness are key elements of strong passwords. When passwords don’t meet these criteria, they can leave your sensitive information more vulnerable. Personal information not to use in a password include:

Anything that could be used as a security question for multi-factor authentication should not be used in a password. Avoid weak passwords and give your data a significant first line of defense by creating a strong password. 

A website may only require your password to be eight characters long, but the Cybersecurity & Infrastructure Security Agency (part of the U.S. Department of Homeland Security) suggests making your passwords at least 16 characters long.

You can check out your password on Bitwarden to determine your password strength and estimated time to crack it. 

Make sure your password is unique.

According to password usage statistics, a quarter of Americans admit to having used passwords that are easy to guess, for example: 

Using such elements might help you remember your passwords, but they are not strong enough to withstand the efforts of determined cybercriminals. Random strings of uppercase and lowercase letters, numbers, and symbols make strong passwords, as do passphrases, which are phrases of four to seven unrelated words that are memorable to you (for example DogShrubBitterBoltMaze). 

Make your password unique.

Don’t use a single password for multiple accounts. When you reuse passwords, you put yourself at risk. If someone obtains your password for one account, they could more easily infiltrate other important accounts and information. Instead, create a unique, strong password for each online account you have.

With a long, random, unique password for every account and updating passwords regularly, it can be challenging to remember all your passwords and keep them secure. Password managers can help.

What Are Password Managers and How Do They Work?

Password managers are easy-to-use apps on your phone, tablet, or computer that can help you create, store, and use your passwords securely. When you employ a password manager, like Bitwarden or LastPass, you create one master password for the manager itself that generates, saves, and can automatically fill in passwords for your accounts on websites and apps you use. Password managers can also protect you from entering login credentials on insecure or fake websites.

Strong passwords and good password management are just one part of securing your online data. When you use MFA alongside strong passwords, you boost your level of online security.

What Is MFA?

Multi-factor authentication provides another layer of security by requiring users to enter more verification than just a password to log into their accounts. This could be a code texted or emailed to you that you enter on the app or website, or it could be biometric information like a fingerprint or facial recognition. With MFA, even if an unauthorized person obtains your password, they won’t be able to provide those additional pieces of identification, preventing them from accessing your account.

Are There Benefits to Enabling MFA for Online Accounts?

MFA provides benefits beyond securing simple logins. Businesses, particularly ones that handle sensitive data like health or financial records, can use MFA to help customers access their accounts more securely, building trust with them in the process. Using MFA can also help businesses ensure that only authorized personnel can access specific files or systems, even when they are working remotely. Additionally, use of MFA can help businesses comply with regulatory requirements surrounding the handling of sensitive information. 

Future of MFA and Security

MFA is helpful but has some issues. Many users find it a hassle to take extra steps to log in. It can also be complicated, which limits its use. As cyberattacks change, traditional MFA methods are adapting to respond. MFA will start using more ways to verify identity, like biometrics (fingerprints or facial recognition), behavioral patterns (typing speed), and context (location). It will also use artificial intelligence to spot unusual activity and potential threats quickly.

Passwords and MFA: Stronger Together

Strong passwords are a vital first defense against unauthorized access to your accounts, while MFA (multi-factor authentication) adds an important layer of backup security. If someone gets your password or if it's exposed in a data breach, MFA gives you extra time to change your password and helps protect your account from being hacked. Together, strong passwords and MFA offer powerful protection against cyber threats in our digital world.

Boost Your Cyber Defense With Cyber Clinics

CyberMontana offers Cyber Hygiene Clinics, four-hour clinics that cover a variety of cybersecurity topics — including passwords, MFA, and browser safety — in different cities across the state. The clinics will be held starting in November. Find more information at cybermontana.org and join us to build your cybersecurity skills.