Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, is reminding Malaysians to exercise caution when creating or resetting their passwords, especially on their social media accounts. Malaysian Communications and Multimedia Commission (MCMC) urged Malaysians to change their Facebook and Instagram passwords, following news reports that millions of Facebook user passwords were accessible by the company’s internal employees.
“Being diligent about creating strong passwords and updating them regularly is the first line of defence in securing your personal information. Maintaining strong passwords and having a password strategy which you can easily manage that others cannot easily guess is an essential cybersecurity effort that every individual should practise.”
Gavin Chow, Fortinet’s Network and Security Strategist.
According to the recent Verizon Data Breach Investigations Report, about 81% of breaches leveraged either stolen and/or weak passwords. The problem is compounded because one of the biggest risks to data security is the re-use of passwords across accounts where 83% of people have admitted to reusing passwords across multiple sites.
Fortinet advises social media users in Malaysia to consider the following best practices creating new accounts or updating well-used passwords:
1. To add an extra layer of security, use multi-factor authentication wherever possible. This confirms your identity by utilizing a combination of multiple different factors, such as something you know or something they have, such as a token generator on your smartphone.
2. Never repeat the same password for different accounts.
3. Change your passphrase at least every three months. This will lock out cybercriminals who may be using your account, protect you from brute force attacks, and remedy the issue caused by cybercriminals who purchase lists of usernames and passwords obtained through data breaches.
4. Ensure no one is watching as you enter passwords.
5. Be cautious when downloading files from the Internet as they may contain key loggers as well as password grabber malware variants that will compromise your password. A good practice is to regularly scan for the presence of such malware.
6. Use a cloud-based password manager to enable you to create and store strong passphrases. Password management tools allow you to securely store an encrypted list of passwords in the cloud that can be accessed from any device.
While some may feel like common sense things, implementing a strong password is one of the easiest ways to protect devices, personal and corporate data from being stolen by cybercriminals. The basic rule of thumb is the longer and more complex the password, the more difficult it is to crack.
“Passwords are like toothbrushes — choose a good one, never share it, and replace it quarterly.
The best password is a strong passphrase, impossible to forget and difficult to guess, even for
someone who knows about personal details of your life,” concluded Chow.