“12345”, “doudou”, “azerty” or “marseille” 20 In 2021, as in previous years, the most commonly used passwords in France looked like hacker invitations. How is the security of his data ensured in this case? We summarize in three points.
Why do we still have to use passwords in 2022?
If using “I love you” or the first letters of the alphabet as a password is not ideal, it is because the password is the first hurdle against digital intrusion: the more common it is, the easier it will be for the attacker to guess . Once completed, the hacker will be able to roam your bank accounts, health insurance or any other digital service.
France is one of the countries most targeted by data leaks, according to cybersecurity expert NordPass… And the French have a tendency to overestimate themselves, especially when it comes to phishing. However, these attacks that mimic an official email or SMS are often used to retrieve username / password pairs. Cyber-fishing and digital account breach are the two leading cyber security threats in France.
What are the rules for creating a password?
A good password is 8 to 12 characters long, according to government recommendations, and varies in lowercase and uppercase, numbers, letters and special characters. The goal is to slow down the brutal attacks used by hackers to automatically overcome this first hurdle. A secure password does not contain information about you or your loved ones that could be retrieved by searching the internet: without names, dates of birth or such indications. Do you have doubts about the idea you are developing? The Nothing 2 Hide association, which specializes in digital information security, invites you to test its robustness. Cnil, for its part, goes so far as to suggest the use of passphrases, which are longer, but also easier to remember than a word in which you no longer know where to place capital letters and special characters.
The following rules are to modify the default passwords and change the password for each service. Otherwise, once one of your accounts is compromised, your entire digital identity is at stake. Pay special attention to the protection of your e-mails, because through this box most messages are circulated to retrieve passwords from other services. To check if your credentials have been leaked somewhere, you can use the haveibeenpwned website or Chrome or Firefox extensions – if in doubt, change the password you are worried about. Never share them with third parties and, ideally, do not use them on a shared computer (or be sure to use private browsing and close all sign-in sessions before you leave).
How to maintain everything?
Complex to find your way? Do not panic, this is what password managers are for: they play the role of a digital keychain by storing the username / password pairs for each service. If you adopt one, you only need to memorize one thing: a very consistent passphrase that will be used to unlock the administrator.
In addition, if the password is the first barrier against intrusion, it is not the only tool available. Multi-factor authentication, widely used in the banking world, is expanding into more and more services. If you have a Google or Microsoft account, you may even decide to use this solution to improve the security of your accounts. This way, it will be impossible to access it without having your smartphone in hand.