You type in passwords almost every single day, the most basic form of encryption used in your life. Yet the question remains: how safe is that password? Well if you happen to use a password that can be obtained from social engineering, such as the name of your dog with some numbers at the end, then it’s not very safe at all.
One of the world’s strongest passwords are AES-256 bit encrypted passwords and look like this:
4986DE8C6B2C0407EBB8832784DED21B0461521CD4E7FD4B (This translates to: DDIIsTheBest).
According to CNN, the world’s most common password in 2019 was 123456 (I’m not kidding).
The reality is no one is really going to use an AES-256-bit encrypted password and instead will use a generic password and recycle it on many different websites (I would never recommend this as it sets you up for a digital nightmare).
Encryption of personal data is important as it allows anyone to put a digital safe around files and sensitive information that you would not like anyone else to see or obtain.
Yet how can everyday citizens further encrypt their data to protect their privacy to allow themselves more privacy? Let’s dig in:
Fully Encrypting a Hard Drive (Internal or External)
Such tools like BitLocker come with Windows10 systems to encrypt the drive, yet it is regarded as a mediocre tool at best. Other encryption methods, such as VeraCrypt, allow users to fully encrypt the drive and create what is called plausible deniability, or the ability to prevent giving up a password to adversarial forces. This is critical when it comes to data that you do not want anyone to see and more importantly allow you to fall into the wrong hands.
Having a Password Storage App on Your Smartphone
Applications like LastPass allow users to keep their passwords digitally saved (instead of a post-it note or in a journal). If LastPass is being used on an iPhone you can use the app to copy-paste the password into the form directly from the app. This allows a streamlined process for logging into applications and allows the user to retain said passwords in an encrypted environment.
Not Buying an Amazon Alexa or Google Home
It has been revealed that these devices passively record what you say around them (even when not directly talking to it) and storing them on a cloud server.
In a recent article from The Washington Post, an Alexa recorded a private conversation without the explicit permission of the owner and forwarded said conversation to a random contact. This turned out to be a misheard command from the owner of the Alexa, yet a research company discovered a vulnerability that allowed Alexa to passively record conversations, which was promptly fixed by Amazon after it was made known.
This is not the only case of a smart device doing this. If you enable Google Assistant on an Android-based device, (it’s the feature that lets you talk to Google by saying “Hey Google”) and discuss cheap flights to Australia with your pal at the local dive, then do not be surprised if you start seeing ads for cheap flights to Australia in your internet browser. The Google Assistant will use your advertisement ID (your ID card for ads), to better advertise services that are relevant to you.
Using 2FA (Two Factor Authentication)
Now let’s say that you really like that password 123456 (again, I would never recommend having this as your password), but you want to make it more secure. Then you could add a 2FA token to that account. Google offers a 2FA service through the Google Authenticator app which requires a constantly changing token to be input upon a login attempt. This will add an extra step if your account is compromised because the said cybercriminal will have to have physical access to your phone in order to log in.
I happen to use 2FA on virtually everything that I have an account with. It is really the most common way to provide an extra layer of encryption to accounts that you will need to log into.
Not Saving Any Logins (The “Remember Me” or “Keep Me Signed In” button).
Although this is not really a type of encryption, it is a safeguard if your smartphone, desktop, or laptop is stolen. If the criminal gets access to your computer’s password and you had all your logins saved, they will have access to all your accounts.
It is for this reason that I constantly log in to all my accounts every single time I need to use them. It is the ultimate safeguard if you lose your device and if you value your digital privacy.
Creating a BIOS Start-Up Password
BIOS is the UI (user interface) for your motherboard. Think of the motherboard as the body of your computer and the processor of the brain. If you set a BIOS start up password for your computer, then before anyone can even turn it on, they need to input a password. Although this is not a guaranteed way to prevent log in (as it can be physically reset), this is a basic way to prevent not-so-tech-savvy individuals from accessing your computer if it is stolen.
In closing, if you implement strong passwords, use encryption in everyday life such as 2FA, and practice safe password management and generation, then you can help yourself lead a happier, more productive life in a world of constant breaches and cyber threats.