Login credentials for sale
Online credentials for Netflix, Airbnb, Gmail, Yahoo, etc., are readily available and at a very reasonable price in the Dark web.
“For sale” credentials were obtained by hackers using “brute-force” attack technique where various combinations of characters are used to find the match to the actual password.
Once the hackers obtained the leaked credentials, they tested them with other websites to see if the same credentials will work.
This action may result in one’s online properties being stolen – ex. money, identity, reputation, etc. Imagine the horror to have your sensitive data stolen!
Somebody could pretend to be you and steal your money from the bank. Or use your credit card to purchase whatever.
And sadly, these incidents aren’t uncommon. There are tons of security breaches and password leaks that have happened in the past years.
How to avoid being a victim of credentials theft?
To avoid such theft, the need for a strong password has always been a constant reminder for all online users.
Having a complex and unique password will give hackers a hard time to guess it, thus, protecting your online account and identity. With a more complicated password, the likelihood of intrusion will decrease.
How can we really say that a password is strong enough?
But how can we really say that a password is strong enough? Below is a guideline for creating a strong password.
- It should be long and complex, so guessing it would be way more challenging.
- It is made up of at least 10 characters with a combination of upper case, lower case, numbers, and special characters.
- It should not contain names or details of people related to the user. (Ex: partner’s name, children’s name, spouse’s birthday)
- It should not rely on obvious simple common words. (Ex: admin, password)
- It should not rely on obvious character substitutions. (Ex: 0 instead of o, 2 instead of to, 4 instead of for)
With the list given above, a user can already create a strong and complicated password.
But it’s too complicated that I forgot it!
With the guidelines given above, a user can already create a strong and complicated password. Now the problem is, how does the user remember it?
It’s really quite a challenge. Below are just a few recommendations on how to actually remember a strong password.
Create a sentence
A strong password can be created from a sentence.
This can be done by using the first letters of each word within the sentence and also using character substitutions to strengthen it even more.
For example, one can easily remember the sentence, “My favorite Marvel hero is Iron Man. I have watched all his movies.” The user can then use “MfMhi1M.1hw@hm” as his password.
The passphrase trick
One can also create a strong password using random unrelated words as a passphrase, and adding alternating characters where the words are joined.
Use random, unrelated words to form a phrase that makes sense to you.
For example, one can use the words “shepherd”, “space”, and “invaluable”, while using characters “&” and “}” as alternating word joiners. So the user can have the password “sh3ph3rd&spac3}Invaluabl3”.
With what has been discussed above, we cannot stress enough how scary it is to have any of your data breached.
Strong password + secured web forms = Reliable and trustworthy business
EmailMeForm significantly secures webforms by promoting the use of strong account passwords, especially for accounts with forms involving online payments or forms collecting sensitive client information like credit card information.
Multi-Factor Authorization (MFA)
As an added security, EmailMeForm can also enable Multi-Factor Authorization on their accounts to make sure only authorized people can access the account and form data.
For users who collect sensitive data like credit card forms, we require users to use the Vault feature for reinforced security.
Vault enables you to collect credit card information through not just a PCI-compliant, but a PCI-certified way.
With the use of a strong password and EmailMeForm’s Vault security features, online business like travel agencies can have peace of mind, knowing that their clients’ data are securely stored.