When was the last time you changed your password for your email or Facebook? Many people think that “it does not matter – who wants to hack me?” when it comes to their personal network security. Unfortunately, there are many who want to hack you. Not necessarily you personally but they want to hack everyone they can.
There are people who create programs to hack passwords that simply test lots of different words, combinations, etc. until they find the right one. With computers connected to databases with dictionaries and similar, this can go terribly fast. Simple passwords can therefore be hacked in no time. If you then also have the same easy password on all your accounts, your entire digital life is available in a snap.
By simple password, we mean, in principle everything that is shorter than 12 characters and contains regular names or words that are in the dictionary, social security number/year of birth, repetitions, etc. With this in mind, most people’s passwords online are simply not strong and secure enough.
Since our e-mail accounts are used as backup for passwords on a number of pages, you can, by hacking someone’s e-mail, go in and say that you have forgotten the password to a lot of other pages and thus get these through the e-mail.
As society and everyday life become increasingly digital, the necessity for high network security also becomes increasingly important.
Are you starting to get worried? Good, because it’s important to take this seriously. But just be calm:
When you have gone through this whole post, you will have learned lots of new things and, above all, found out what measures you should take today to be able to sleep safely at night from now on, assured that your digital life is protected.
In this post, we will go through:
- The reasons why someone wants to hack your personal accounts
- Why people want to hack your blog or website
- How to create strong and secure passwords
- Two-step verification – what it is and how to use it on social media and WordPress
Why does someone want to hack me?
The purpose is usually money, of course. There is both spam and fraud that can be done through your email, Facebook, or other social media. Suddenly, your Facebook friends may receive messages from you claiming to be abroad and in trouble – can they deposit money for you? Or your Facebook account suddenly starts to manically suggest a page or product.
Suddenly your friends get emails from you with an image link that spreads viruses on their computer or throughout their corporate system!
Spambots (programs that send spam messages) are automated and therefore cheap to operate and are about sending out such large amounts of messages that even if 0.000001% of the recipients actually respond or spend money, the creators of the spam still make a profit.
Other spam may have the purpose of collecting email addresses or telephone numbers which they then resell. More advanced hackers and fraudsters may have more long-term strategies for scamming people for money where they build trust and appear credible. You can also risk losing control of e.g. mail and Facebook accounts which can lead to identity theft.
Blogs and websites
There are many reasons why many people are trying to hack your blog or website into this now. For example, to spread spam and similar.
WordPress sites are often exposed to hacks where spam pages are posted as subpages on your blog which can then be very tricky to get rid of. There are also more advanced reasons such as linking your site with a larger bot network (botnet) which can then be used to give more power to larger hacks on other sites.
Your site can also be used to store viruses such as Trojans and the like, so if these are detected, they will not be traced to those who are really behind but to your site. If you have a large blog or a well-known company, people can try to hack these just to simply fuck, brag to friends, to sabotage or in the worst case try to silence you.
To create good, strong and secure passwords:
Summary:
- Have several different ones
- Long (at least 12 characters)
- Unique (mixed letters, numbers, characters)
First of all, it is good to use different passwords for different sites and accounts. By having different passwords, you do not risk that all your accounts can be hacked if someone cracks one of your paswords. Of course, it is problematic to have a secure and strong password on the one hand (and several different ones as well) that you should then also remember.
A lot of people tend to opt for less good passwords for places that are not important or do not matter – because if that database (where my user data is stored) would then be hacked, that password will not be able to be used for anything important. You should, however, have the strongest passwords for email, Facebook, and other important accounts..
As I wrote earlier, a good password should be at least 12 characters long. It should also contain a mixture of lowercase and uppercase letters, numbers, and characters. Of course, you should avoid all names, words, and other things that may be associated with you. Like the names of children, siblings, the street you live in, the city you grew up in, and so on. Also years, e.g. your birthday is a big no-no. But even words that can be found in a dictionary should be avoided.
The best tip is to try to come up with something completely random, e.g. you can use some kind of memory rule for yourself. That you read words backward, or the first letters of a sentence.
At first, it may be smart not to let the browser save the password so you are forced to type it often. The more often you type it, the faster it will stick. You shluld write down complicated passwords somewhere, e.g. on a note that you hide somewhere.
That way, you have a backup in case you forget what you came up with. On the other hand, it is stupid to write a post-it note with the words: “Password to Facebook” and paste it next to the computer.
Two-step verification for Google (Gmail, youtube, etc.), Facebook and Twitter
So, what is two-step verification? Yes! This is when more than just your password is required to be able to log in to your accounts. An SMS code will then be sent to your mobile with which you verify your password. This way you can decide which computers you trust and even if someone manages to hack out your password, they will not be able to log in to your accounts – good, right?
To set up 2-step verification on Google, just go to this page and follow the instructions. There you will receive an SMS code for your mobile which you then enter to show that the computer you are currently using is secure. The page also shows how to verify your google account for email and the Youtube app on mobile m.m. By specifying different devices as secure, you do not need to verify them again.
Here is a step-by-step instruction on how to find the two-step verification setting on Facebook (on your computer):
- Click on the small arrow at the top right when you are logged in:
- password network security two-step verification facebook
- Select Settings
- password network security two-step verification facebook
- Select Security:
- password network security two-step verification facebook
- Click “Edit” next to the “Login approvals” option and check the box – then follow the instructions.
password network security two-step verification facebook
When you are still working, you can take the opportunity to check under “Where you are logged in” and deactivate login on all devices that you do not use for security reasons.
WordPress
Security on WordPress is actually a whole chapter in itself. But now we’re talking about passwords and two-step verification. Having a secure password for your WordPress site is extremely important based on what I wrote above about how easily sites can be hacked.
There are plugins like Clef logs that incorporate third-party authentication on your WordPress site.
It then works so that when you want to log in to your blog, you first log in to the app (with PIN, password or touch ID), scan the pattern that appears on the login page with the same pattern that appears on the screen of the phone. You can then set a timer for how long you want to be logged in before Clef logs you out automatically.
Of course, this procedure has its drawbacks – e.g. if you do not have your mobile phone on hand when you log in. But considering how incredibly complicated and demanding it can be if your website is hacked (and how great the risk actually is that it can be), it’s worth it.
So – with secure and strong passwords plus two-step verification on your most important accounts, you can feel safe. Since most people use very simple passwords and do not know the risks of this, you can be a good fellow human being and spread the word further so we get a safer and better internet with less virus and spam!