Dubbed the ‘world’s most dangerous search engine’, the website Shodan is a playground for hackers. Unlike other search engines Shodan looks for specific information on internet connected devices that can be invaluable to hackers.
Shodan can find details and often help hackers access personal files on web-connected devices around world which include computers, smart phones, web cameras and fridges. It’s estimated that all of the devices that are discoverable through Shodan, roughly 11 million are in the UK. Because of this it’s believed that thousands of Brits could be vulnerable to cybercrime.
What’s more, Shodan also allows hackers to search for specific details on web-connected devices which means they can carry out targeted attacks on specific areas by searching for IP address or even search for devices that have no password protection or use default passwords ‘qwerty’ or ‘1234’.
The Information Commissioners Office has warned that default passwords manufacturers use are freely available on the web so it is important to change this especially on new devices. A report from Telesign, an internet security company, found that 30% of UK consumers have experienced an online security issue in the past year. Interestingly consumers have an average 24 online accounts which are all protected by only 6 unique passwords and 47% use passwords that are more than years old.*
According to Cyber Streetwise 75% admit they do not follow best practice to create complex passwords.**
So how can you protect yourself?
This year the UK has already seen a number of big data breaches with companies such as carphone Warehouse and holiday company Thompson all hitting the headlines for data losses. These stories are good reminders why it’s important to do your bit to protect your personal information and up the security on your online accounts and devices.
One of the best ways to do this is to make your passwords as strong as possible to deter any hackers. Below are a few of our top tips for creating a touch to crack but easy to remember password:
Lots of online accounts? Use unique passwords for each
The Consumer Account Security Report from TeleSign found consumers hold an average 24 online accounts all protected by only 6 unique passwords. Much like you wouldn’t use the same key for every lock, you don’t want the same password for every online account. If a hacker was to discover just one of those passwords they could potentially have access to multiple accounts you own. Even if the difference is small it’s better to use different passwords for every account so the damage is far less great if one of your accounts were compromised.
Top tip: If you do want to use the same password for most accounts then be sure you always use a separate and completely different password for your work account, bank accounts, credit report and your personal email.
Mix and match to make them $tR0nG and memorable
When it comes to passwords, bigger really is better as a long password is tough to crack and can be even tougher if you use a combination of upper and lower case letters, numbers and symbols. It’s a good idea to steer clear of the obvious passwords especially things like maiden names and pet names which can often be easily found by snoopers on easy wins on social networking sites.
Creating complex passwords that you’ll remember doesn’t have to be daunting all you have to do is think of a memorable phrase and make it an acronym. For example, if you take the sentence ‘My parents have four cats and a dog’, it could become ‘My parents have 4 cats & a dog’. With just that simple phrase you’ve suddenly got a strong password of ‘Mph4c&ad’.
Top tip: Callcredit security suggest that you never use passwords of 7 characters or less, or use ones made of one or two common words, even if letters are substituted for numbers (such as L33dsUtd).
Double up the security
Many of us with smartphones tend to leave them logged in to our email inboxes and social media pages. It’s easy and convenient for us but that means it’s easy and convenient but that means it’s also easy and convenient for fraudsters too especially if you’re using public wifi. For this reason it’s important to always add an extra layer of protection. iPhones have a two-factor authentication system for your Apple ID which means that every time you sign in to your Apply ID from a new device you’ll need to verify your identity using a unique verification code sent to one of your trusted devices. This system is built-in to iOS 9 however if you have an Android it can be activated through your Google account.
Switch it up
You might have created a strong password using a phrase you can easily remember but how can you adapt that to each account you use? No matter how strong it is, if you use it for every account then you’re back to square one if someone does manage to hack it. Callcredit recommend using a memorable prefix from each website you use your password for and adding it on.
If you use your password from above “Mph4c&ad” you could try adding the last two letters of each site to the start of the password. For example:
For Facebook – okMph4c&ad
For Twitter – erMph4c&ad
For Amazon – onMph4c&ad
For more information on how to keep you, your family and even your business safe online, why not check out Cyberstreetwise? It’s a free government initiative funded by the National Cyber Security Program which aims to significantly improve the online safety of consumers. Find out more by clicking this link.
If keeping your identity safe online is a priority for you then you might also be interested in checking our Noddle Identity Projection.
*Telesign Consumer Account Security report, June 2015: https://www.telesign.com/site/wp-content/uploads/2015/06/TeleSign-Consumer-Account-Security-Report-2015-FINAL.pdf
** Three quarter of Britons risking online safety: https://www.cyberstreetwise.com/blog/three-quarters-britons-risking-online-safety