As we rely more on online services to hold our personal data, password security is paramount. We’re all aware of how important internet security is, but rarely do anything to ensure we are safe. The password “123456” is not only still being used, but is the most hacked password five years in a row.
This is concerning, especially following much publicised hacks such as that of Hollywood celebrities in 2014. An Illinois man hacked the iCloud accounts of hundreds of celebrities, leaking their private photographs across the internet. The man accessed the accounts through targeting of usernames, security questions and passwords, using software to attempt a password up to 1000 times a minute.
While a high profile password hack like this makes the news and undoubtedly affects multiple people’s lives, our society remains largely unconcerned. Most of the time it takes a personal hacking to re-evaluate password security, as tech journalist Mat Honan discovered in 2012.
A number of his online accounts were compromised within the space of one hour. Honan’s accounts were “daisy-chained together” meaning the same password was in use across many websites, compromising them all, he wrote in Wired magazine. His MacBook, iPhone and iPad were remotely wiped of all data, while his Google account was deleted entirely.
“Over the years that same ID has evolved into a single point of entry that controls my phones, tablets, computers and data-driven life,” Honan said.
Experiences such as this can change our mindset about online security, especially when the amount we invest into our online accounts is constantly growing, from shopping and banking, to records of our personal lives.
Password checkers such as Kaspersky Lab’s can provide a solid reminder for how easily a password can be compromised. Long complex passwords with a mix of symbols, numbers and letters are much harder to compromise and therefore safer for the user. Consumers place their online identities behind these chains of letters and numbers, but many have not been educated on its importance.
Routine reminders for password security either come from having an online account hacked, or a website demanding a change of password. Password security is not something we are educated in. It’s never spoken about to us, only listed in an unengaging text format through website logins. In addition to this, passwords simply aren’t that interesting to most people.
This gap can be bridged by taking advantage of custom built services and apps that help manage people’s online identities. 1Password is an app created by developers AgileBits, with the philosophy to simplify password maintenance for users.
“It is untenable for most people to remember a unique and strong password for each account,” Chris De Jabet from AgileBits tells upstart.
“1Password’s goal is to help people create a unique and strong password for every site.”
While users often ensure they remember their passwords, 1Password creates passwords which are not meant to be remembered. 1Password suggests random and unique passwords for each of its user’s accounts, allowing for easy diversifying of logins to social media accounts, banks, online stores and more. If one account is hacked, the others will remain secure.
“One of our goals at AgileBits is to continually remove friction from folks being able to secure their most important data,” De Jabet says.
This friction, and the maintenance required to keep strong diversified passwords, is often too much for people to manage.
The random passwords 1Password generates are locked in the app behind a master password. This is the only password the user will have to remember, but also leaves a slight possibility of it being compromised, allowing for a domino affect from there.
More password management services are regularly appearing, adding to the options consumers have available. iCloud Keychain is Apple’s version of this, syncing passwords between the devices of their customers to ensure all passwords are automatically filled in.
“We’ve seen our customer base go from the extremely computer savvy to everyday people and their families,” De Jabet says.
1Password offers family and professional packages, and is continually expanding the service to become more multi-featured, and more importantly, streamline the entire experience.
For many, password security isn’t a priority, and it shouldn’t be. Many services exist to streamline online safety of consumers, and ensure that the compromising of online details and private information happens rarely.
The end game for this is consumers not needing to remember passwords at all. These fields can be automatically filled in once the device they are using has authenticated who they are, although this could be years away.
For the time being, consumers need to choose whether to proactively lock down their online security through these password strengthening tools, or leave the door to their identity slightly ajar.
Nathan Oakley is a third year Bachelor of Journalism student at La Trobe University. You can follow him on Twitter at: @oakley_nathan