{"id":30464,"date":"2023-04-26T10:10:29","date_gmt":"2023-04-26T10:10:29","guid":{"rendered":"https:\/\/www.cyberguru.it\/2023\/04\/26\/password-the-armoured-data-protection-door\/"},"modified":"2023-12-12T12:04:04","modified_gmt":"2023-12-12T12:04:04","slug":"password-the-armoured-data-protection-door","status":"publish","type":"post","link":"https:\/\/www.cyberguru.it\/en\/2023\/04\/26\/password-the-armoured-data-protection-door\/","title":{"rendered":"Password: the armoured data protection door"},"content":{"rendered":"\n

Let’s learn to keep it robust<\/em><\/h2>\n\n

Technology, in addition to making the world less mysterious and smaller, has undoubtedly made our lives easier and less tiring. But, as wise people say, nothing is free and, by a strange law of compensation, where there is an advantage, there is always a loss, or in any case, a risk.<\/p>\n\n

So, if it is true that a click is now enough to perform practically any action or to access a lot of knowledge, it is also true that every click we make leaves a trace that can allow someone else to identify us, track us, find out many things about us and, above all, infiltrate our lives. In short, in the age of the internet, living incognito has become a luxury that few can afford<\/strong>.<\/p>\n\n

The digitised data in our devices, whether personal or corporate, represents a digital extension of our person or of the company for which we work and becomes our digital fingerprint<\/strong>. It’s a real identity that must be safeguarded and protected to prevent someone from stealing it and using it to carry out actions that we never wanted to do. Among these, there is certainly the action of moving through corporate networks without being discovered. This activity is very widely practiced by hackers who manage to play the role of an employee after gaining access to their credentials. <\/strong>For this reason, identity security<\/strong> has become one of the priorities of CISOs<\/strong>. <\/p>\n\n

But identity theft<\/strong> can have many other serious consequences, including: the creation of fake profiles, privacy violations, and the manipulation and alteration of data. For companies, in addition to those mentioned, we can add data theft for ransom, or for profit, or aimed at unfair competition. In short, phishing attacks aim at the theft or exploitation of digital identities and can result in serious losses for users, suppliers and even prevent customers from using online services. And all this is always due to human error, distraction, or an underestimation of risks.<\/p>\n\n

From the latest 2022 edition of the Data Breach Investigations Report (the fifteenth) it emerged, in fact, that the majority of data breaches occurred due to natural persons who inadvertently and recklessly “collaborated” with the attack. <\/strong>They practically left the front door open.<\/p>\n\n

In fact, among the human errors that enable hackers to steal or damage identities, there is certainly that of not taking enough care of passwords and login credentials and using them in the wrong way.<\/p>\n\n

True, we are all overloaded with passwords and credentials: according to the data, the average person has about 70. Remembering them all is a big problem.<\/p>\n\n

For this reason, we often give in to laziness and thus always use the same ones or choose simple ones in order to remember them more easily. It’s a very common mistake, but one that should never be made.<\/p>\n\n

Some puzzling statistics show how much the password security situation has worsened in recent years:<\/strong><\/p>\n\n