A secure login will benefit you in three major ways: (1) secure authentication prevents any other person from accessing your files; (2) the authentication step provides another barrier that can prevent automatic events, such as downloads, depending on the device’s settings; and (3) devices will lock out users after attempting authentication, but failing.
What is authentication?
This may seem obvious, but many users do not realize the difference between ‘authentication’ and ‘passwords’. The difference being, that passwords are a type of authentication, but there are many other methods that can be used as logins or proof of identification. There are three types of authentication methods: (1) things you know, (2) things you are, and (3) things you have.
Things You Know – these include: passwords, passphrases, PINs, etc.
Things You Are – also known as biometrics (finger prints, iris scans, palm scan, etc.)
Things You Have – tokens, temporary codes, etc.
Secure Logins in Organizations
Many industry standards regulate minimum requirements for authentication and most industries require, at minimum, a password. Authentication policies regulate the minimum length of a password/passphrase, the required characters (alpha-numeric, special characters, capitals, lower case, etc.), the length of time when a password would expire, the prevention of reusing old passwords/passphrases, etc.
Many security professionals recommend complex passwords – ones that include special characters, etc. – while many recent studies have found that more effective logins are long passphrases. Instead of passwords such as: ‘Password123!’, rather combine words and make a passphrase such as: ‘ionlyusepassphrases’ (I only use passphrases).
How to make a login more secure
Biometrics are trending as a more revolutionary form of authentication. The most common biometric nowadays are cell phones that require fingerprints to unlock them. Biometrics can also include: retina or iris scans, fingerprints, palm veins, face recognition, DNA, palm print, etc. Used as the sole method of authentication, you face the increased risk of getting hacked. However, using it in conjunction with another form of authentication increases the effectiveness of this security measure. This would then be referred to as multi-factor authentication. Theoretically, you could user infinite factors for authentication, but most organizations use a maximum of two or three factors.
Tips to remember: The more characters and symbols your passwords contain, the more difficult they are to guess. Don't write your passwords down, share them with anyone or let anyone see you log into devices or websites. Do change your passwords regularly. Make sure you log out of websites and devices when you are finished using them.