Password Security Guide – How to create Secure Passwords?

Importance Of Usernames And Passwords

• Your username is your identification. It’s used to build a unique digital profile about you specifically.
• Your password is your authentication. Password authentication relies on a secret value that is known only to you.
• A password protects your identity. Think of a weak password as an open door to a room full of your most precious possessions.
• Here are some important reasons to have a strong password:
  • Securing your site against hackers
  • Reducing the risk of viruses and botnets attacking your site
  • Also helps keep your business running smoothly
  • Helps keep your brand reputation in tack.

Password Security Measures

The more difficult the password, the lower the likelihood that one’s computer will fall victim to an unwanted intrusion.

• Ideally, passwords should be created using a random password generator and changed every 6 – 8 weeks.
• Always use a unique password for each platform you use – never use the same password for everything or a variation of the same password for different things.
• Never share your password with anyone.
• Keep your operating system, browser, and other software up to date.
• Use and maintain antivirus software and a firewall.
• Regularly scan your computer for spyware.
• Watch for suspicious activity on your accounts.

Tips for creating strong passwords and keeping them safe:

• Use at least 10 characters; 12 is ideal for most home users.
• Try to be unpredictable – don’t use names, dates, or common words. Mix numbers, symbols, and capital letters into the middle of your password, not at the beginning or end.
• Don’t use the same password for many accounts. If it’s stolen from you – or from one of the companies where you do business – hackers can use it to take over all your accounts.
• Don’t share passwords on the phone, in texts or by email. Legitimate companies will not ask you for your password.
• If you write down a password, keep it locked up, in a secured location.
• Consider Turning On Two-Factor Authentication.
• Give Personal Information Over Encrypted Websites Only.
• Use different passwords on different systems and accounts.
• Use the longest password or passphrase permissible by each password system.
• Develop mnemonics to remember complex passwords.
• Consider using a password manager program to keep track of your passwords.
• Do not use passwords that are based on personal information that can be easily accessed or guessed.

Browsers like Chrome and Mozilla warns users if there is a data breach on a site or app which exposed your password.

If a similar warning appears on the ClearTax GST, it does mean that ClearTax GST is compromised.

Reasons for such breach:

The following can be the reasons for such breach:

• You might have used the same password for many sites or apps with the same email address.
• Weak password was being used.
• The account was compromised on some other site or app.
• Might have shared passwords on the phone, in texts or by email.
• The password was predictable & easily hackable.

Solution to such Data breach:

• Immediately change the password of your account.
• Don’t use the same password for many accounts. If it’s stolen from you the hackers can use it to take over all your accounts.
• Use the following links to check whether their accounts have been hacked or not. Just enter your email id to check the same
  • https://haveibeenpwned.com/
  • https://monitor.firefox.com/
• You can manage your passwords using Google’s password manager. If your password has been included in a breach, Google will encourage you to change the affected password. Same goes for if Google sees that you’re reusing passwords, which is a terrible practice; everything should have a unique login.