Complex Passwords and Multi-Factor Authentication (MFA)
As part of an organization’s security plan, as well as for personal use, complex passwords are of utmost importance. A quick Google search on the topic “password cracking tools” yielded the following most popular tools: Aircrack-ng, Cain & Abel, John the Ripper, Hashcat, Hydra, DaveGrohl, and ElcomSoft. As you can see, there are plenty of tools available to bad actors who want to crack your password. The best defense against these applications is a longer and more complex password. A 12-character password that uses only numbers will take just a second to crack, but a 14-character password that uses numbers, symbols, uppercase letters, and lowercase letters can take millions of years. So longer and more complex is the way to go when it comes to password creation.
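The comparison above can be reproduced with a short keyspace calculation. The following is an added example, not code from the original article; the guessing rate, the sample passwords, and the `meets_policy` thresholds are assumptions chosen to match the 12-character and 14-character cases in the text.

```python
import string

# Assumption of this example: an offline attacker testing 10**12 guesses per
# second, the rate at which a 12-digit numeric password falls in one second.
ASSUMED_GUESSES_PER_SECOND = 10**12

CLASSES = {
    "digits": string.digits,               # 10 characters
    "lowercase": string.ascii_lowercase,   # 26
    "uppercase": string.ascii_uppercase,   # 26
    "symbols": string.punctuation,         # 32
}

def classes_used(password):
    """Names of the character classes that appear in the password."""
    if not password or any(all(c not in s for s in CLASSES.values()) for c in password):
        raise ValueError("empty password or character outside the four ASCII classes")
    return [name for name, chars in CLASSES.items() if any(c in chars for c in password)]

def keyspace(password):
    """Candidates an exhaustive search must cover: alphabet_size ** length."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return alphabet ** len(password)

def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    # Upper bound only: dictionary words and reused or leaked passwords fall
    # far sooner than an exhaustive search estimate suggests.
    return keyspace(password) / rate

def humanize(seconds):
    for unit, size in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.0f} {unit}"
    return f"{seconds:,.2f} seconds"

def meets_policy(password, min_length=14, min_classes=4):
    """Hypothetical policy mirroring the 14-character, four-class example."""
    return len(password) >= min_length and len(classes_used(password)) >= min_classes

if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("482915730664", "Tr4il!mix#Ox9&"):
        print(f"{len(pw)} chars, {classes_used(pw)}: "
              f"{humanize(worst_case_seconds(pw))}, policy ok: {meets_policy(pw)}")
```

The estimate assumes every character is chosen at random, so it should be read as a ceiling on attacker effort rather than a guarantee.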
Whenever possible, a complex password should be combined with another mechanism: multi-factor authentication, commonly known as MFA. You may ask, what is MFA? MFA is when you have to present a code, often sent to your cell phone, when attempting to log in. Codes can also be sent to an email address or generated in an authenticator app such as Google Authenticator or Microsoft Authenticator. Once you are registered for MFA, many services will alert you when an attempt to use your account was made unsuccessfully.
Here are 5 benefits of implementing an MFA capability:
1. It assures consumer identity.
2. It meets regulatory compliance.
3. It complies with Single Sign-On (SSO) solutions.
4. It adds next-level security, even remotely.
5. It is an effective cybersecurity solution.
For most organizations, implementing MFA is the single most effective network protection capability available. MFA should be combined with a strong password policy because not all network locations and/or resources can be made to accept MFA capabilities.
Attackers will always exist as long as there is a digital world to target. Therefore, maintain vigilance by implementing strong password policies and MFA solutions in your environment.