Is your password putting you at risk to cyber thieves?
Sandra Hermiston & Lynda Steele, CTV British Columbia
Published Tuesday, June 18, 2013 6:00AM PDT
***Story originally aired March 4, 2013***
With cyber thieves cracking codes and stealing passwords at lightning speed, international IT security experts claim the traditional password is quickly becoming a thing of the past when it comes to Internet security.
Chances are you use several passwords for everything from your home PC to your online banking, but those passwords may be giving you a false sense of security.
"On a modern laptop it can take 20 seconds to crack a common password," said Fortinet Global Security Strategist Derek Manky.
Hackers can find password cracking programs free online that can break into your wireless network and steal your password. That’s why many companies are adding a second layer of security in the form of a digital security key that provides one-time passwords.
"You enter your user name and password and then it asks you for the authentication code which changes about every 30 seconds, so you press the button, enter the code and you're off," said Manky. “The idea is, even if you have a simple password, sure they might know your password, but there's no way they're going to know this."
PayPal has a digital card password token and Internet giant Google offers a downloadable password token called the Google Authenticator.
If you use your computer to control your home sound system, lighting and security it is like handing the house keys to a hacker, according to Fortinet security strategist Alex Harvey. He says all a hacker would need to do is crack your password and they’re literally inside your front door.
“They can unlock or lock your door. You’re giving people access to your house, by putting it online,” said Harvey.
Cyber thieves are after your mail as well. Some U.S. parcel services, like 24/7 Parcel in Blaine, Washington, send customers a text message with a PIN code when their packages have arrived. You punch in the PIN code to retrieve your package. However, if your Smartphone is infected with a virus it could allow cyber thieves to steal your text with that PIN code.
"People can now physically steal something from you because physical access is controlled by something that's sent in an email," said Harvey.
These kinds of cyber attacks are skyrocketing. In 2011, Fortinet detected 200 types of viruses on android devices. In 2012, it detected 1,200 viruses – a 500 per cent increase.
In 2011, 7,000 cyber attacks were reported worldwide every month. That has jumped to 40,000 cyber attacks a month.
It’s important to always pick a strong password with at least eight characters, which include one upper case letter, one number and one special character like a question mark. And never click on suspicious links or open attachments you're not sure about. If you do, unplug your computer and get it checked for viruses.