INTERNET users are advised not to rely on passwords and verify their account settings today.
Anyone using big services with lots of important data – like Google, Facebook or Outlook – needs to take action, cyber experts warn.
We’ve known for years that passwords aren’t great protection against hackers.
But even strong passwords that you only use for one app at a time aren’t a perfect solution.
Now security experts from cyber firm Malwarebytes Labs are warning users not to rely on passwords alone.
“As the use of computers and the Internet has exploded over the past forty years, the number of passwords each of us has to remember has skyrocketed,” the experts said.
“It’s just not possible to remember that many passwords, and the number of passwords we need to know has probably exceeded the number we can remember decades ago.”
Cyber experts urge users to adopt password managers.
These are apps that store your passwords for you, so you can use complicated ones without remembering them.
If you have an iPhone or another Apple product, you can already use iCloud Keychain to do just that.
But even password managers are not enough.
“We may have seriously overestimated their importance,” Malwarebytes Labs warned.
“A strong password won’t protect you from a credential stuffing attack, phishing, or keylogging malware, for example.”
Instead, experts say we need to start using two-factor authentication as much as possible.
This is when you are given a code – often by text – to log into an application, in addition to your password.
“Just having to enter a code from an app alongside your password is a game-changer: it kills credential stuffing, password spraying, and brute-force attacks at dead,” Malwarebytes Labs explained.
“So from now on, my password advice is: if you have time and energy to waste, find a place where you don’t use MFA (multi-factor authentication) and set it up. “
You’ll usually be able to find it in your password settings on any app you use.
Unfortunately, not all apps offer two-factor authentication, but you should enable it whenever possible.
Passwords, bye bye!
Apple has even gone so far as to try to ditch passwords altogether.
iPhone owners are encouraged to try a new system that replaces passwords entirely: Passkeys.
It was added in the latest iOS update, so first check if you have iOS 16 by going to Settings > General > Software Update.
Instead of registering (or logging in) to a website using a password, you will use an access key.
This is a digital key that you don’t need to remember.
And you simply authenticate who you are using your fingerprint (Touch ID) or your face (Face ID) on an iPhone or Mac.
The connection will be just as fast and means you will have a connection that simply cannot be guessed or disclosed.
Your passkeys are stored on your devices, but will sync across multiple gadgets using Apple’s iCloud Keychain, which already exists to track passwords.
Nobody can read your Passkeys, Apple included.
And that means you can’t be tricked into phishing a password, because you won’t have any information to hand over.
The ultimate plan is to allow Passkeys to work on non-Apple devices as well, including Windows laptops and Android phones.
Both Microsoft and Google have been developing passwordless systems for years.
Best tips and hacks for phones and gadgets
Looking for tips and tricks for your phone? Want to find these secret features in social media apps? We have what you need…
Get all the latest stories from WhatsApp, Instagram, Facebook and other tech gadgets here.
We pay for your stories! Do you have a story for the Sun Online Tech & Science team? Email us at [email protected]