When it comes to protecting our passwords, we swing to extremes: either we get paranoid or we get careless. That isn’t helpful, especially when there are so many security myths floating around. Take the following three, for example.
1. “Two-factor authentication is failsafe.”
Yes, two-factor authentication (2FA) is a smart way to secure your online accounts, and everyone should use it, but it doesn’t make your accounts 100% impervious to hackers, and you can’t get away with weak passwords just because you have 2FA enabled.
In all my years working in this industry I've seen exactly 2 effective security technologies stand the test of time: firewalls and 2fa
— Chris Rohlf (@chrisrohlf) March 8, 2015
That said, your accounts are a lot safer with 2FA protection than without it. Don’t forget to download the backup codes though.
2. “Passwords are secure with big companies.”
Big brands can give you the illusion of security. Since they’re big, they must be more vulnerable to attacks, right? And therefore they take more measures to protect themselves and their users, right? That’s the reasoning we all fall prey to.
Sadly, that reasoning doesn’t work. Many companies are known to store passwords in unencrypted form (i.e, plain text). The size of the company doesn’t matter. That’s why even for big name accounts, you should continue to follow the same best practices that you follow for other accounts.
3. “Password checkers are accurate.”
When you’re creating a password, having the password checker say something like “your password is 98% strong” can make you feel safe, but it’s not a reliable way to judge how vulnerable your password is to attack. The good news is that the password meter does make you serious about creating strong passwords.
discovered another security layer beyond 2FA, let your 2 year old hide your iPhone somewhere in his/her toy collection. Very effective.
— Adam Maddox (@adammaddox) April 9, 2015
Debunked myths like these can help you pay attention to your digital security and still accept that there’s only so much you can do about it.
Are there any password security myths that you believed to be true and yet got dispelled? Tell us about them!
Image Credit: Password Note by shutteratakan via Shutterstock