Keeping passwords safe

Security is a two-way street:

Just as passwords keep your personal information, bank accounts, social media, and many other platforms and accounts safe,

you must make sure your passwords are safe and securely managed by keeping them out of danger from sketchy websites or insecure apps.

Ways passwords are stolen

Passwords are sometimes stolen, cracked, or exposed by accident. But in many cases, you might unknowingly be handing them over!

Social Engineering

Attackers don't always "hack" their way in, sometimes they just trick you into giving information up. Phishing emails, fake login pages, or phone scams can convince people to type their password where they shouldn't. Always double-check who's asking before sharing sensitive information.

Open Source Intelligence

Open Source Intelligence, or OSINT for short, is a method of gathering as much public information on you as possible. Things like birthdays, family members, occupation, locations, hobbies, anniversaries, email addresses, or even old posts online can help attackers build a profile of you. With this, they make educated guesses at your passwords or create highly targeted attacks.

Insecure Apps

Not every weak point comes from a hacker. Sometimes websites and apps simply don't secure your data properly. If their system gets breached, your reused password could be exposed too. That's why it's important to avoid using the same password across different accounts.

Malicious Apps

Unlike poorly protected apps, malicious apps are built by attackers pretending to be legitimate. They may disguise themselves as games, utilities, or helpful tools, but their real goal is to steal your data. Some use tricks like fake login forms, hidden trackers, or even scanning your screen for information. Always download apps from trusted sources and be cautious with permissions you grant.

How to secure your passwords

Unless you have a photographic memory, it's nearly impossible to keep track of strong, unique passwords for every account. The best practice is to use a password manager, a tool that stores your passwords in an encrypted vault and even helps generate strong ones for you. Pair this with two-factor authentication (2FA) whenever possible, and you'll make it much harder for attackers to gain access.