Password safety: tips and tricks to keep your accounts and coins safe
Unique strong passwords
One of the basics about password security is the usage of unique passwords. Several widely used services have been hacked like Dropbox, yahoo, LinkedIn, … . These lists of usernames and password are being used and sold. Hackers use scripts to try out the combination of username and password on several platforms like Gmail, Hotmail, Facebook, … in the hope that the credentials can be used to send spam, digital theft, credit card theft, …
You can check your mail address at https://haveibeenpwned.com/ to see if you mail address is in 1 of the leaked databases of previous hackings. When I check my own mail address I see that I’m the victim of 6 site breaches.
Use strong passwords!!! Don't use 123456 - azerty - qwerty - ... but use a password generator to create a long password with capital letters, numbers and special signs. This is important for 2 reasons. Several sites allow a lot of attempts to log in so hackers can try lists of regular used password to try for a match.
It's also safer in case of a website breach. Most website use hashing to encrypt password databases. In case of a breach the passwords are not stored in plain text. But everyone who uses 123456 has the same password hash so hackers can filter on these and retrieve your password. They use Rainbow tables for this.
I use the password generator build in KeePass to generate strong unique passwords.
Use a password manager to store all you unique passwords. You only have to remember a master password to unlock you password manager database. I personally use KeePass for years but other popular free password manager are LastPass, Dashlane, 1Password, RoboForm, Sticky Password.
Very important when using a password manager is a backup of your password database!!! I sync my password db with versioning to my NAS and take an hourly backup with versioning to cloud storage. If your pc's crashes, is infected with a cryptolocker virus or if you accidentally delete a folder you risk losing all your passwords.
Patch your software
Even if you apply all steps above you are at risk if your PC is breached by a virus who install's a keylogger and records all you passwords.
- Always install the latest updates of your OS (windows, linux, mac, ...).
- Keep your browser up to date with the latest version.
- Keep Java, adobe flash player, adobe reader, microsoft office, ... up to date
Anti-malware softwareInstall anti-malware software. I personally use Kaspersky anti-virus but there are also several free suites on the market.
- Don't open suspicious mails
- Don't visit suspicious sites
- Watch out with free software you find online or with cracks to use paying software for free
I hope these tips help to keep you and your accounts safe fellow steemians. It's not only the crypto exchanges who get hacked, stealing crypto's is big business for malware makers.