What are the best practices for protecting yourself?

“12345”, “doudou”, “azerty” or “marseille”… In 2021, as in previous years, the most used passwords in France looked like to invitation cards for hackers. How to ensure the security of his data, in this case? We summarize it in three points.

Why do we still have to use passwords in 2022?

If using “I love you” or the first letters of the alphabet as a passcode isn’t ideal, it’s because the password is the first barrier to digital intrusions: the more common it happens, the easier it will be for the intruder to guess. once. Once done, the hacker can roam your bank accounts, health insurance, or any other digital service.

France is one of the most targeted countries for data breaches, according to cybersecurity specialist NordPass… And the French have a certain tendency to overestimate themselves, especially when faced with emails from phishing† These attacks, which resemble a e-mail or a text message officially are often used to retrieve username/password pairs. Phishing and hacking of digital accounts are the first two threats cybersecurity in France.

What are the rules for creating a password?

A good password has between 8 and 12 characters, depending on the recommendations of the government, and varies upper and lower case letters, numbers, letters and special characters. The goal is to slow down the attacks with brute force, which hackers use to automatically bypass this first barrier. A secure password contains no information about you or your loved ones that could be searched for by you online: no names, dates of birth or the like. Doubt about the idea you are developing? The Nothing 2 Hide association, specialized in the security of digital information, offers you: test the robustness† The Cnil for its part goes so far as to use passphraseslonger, but also easier to remember than a word in which you no longer know where to place capital letters and special characters.

The following rules are for changing the default passwords and for changing the password for each service. Otherwise, your entire digital identity is at risk once one of your accounts is compromised. Pay particular attention to the protection of your e-mails, as this box is where most of the password recovery messages from other services circulate. To check if your credentials have been leaked somewhere, you can use the site haveibeenpwned or extensions from Chrome True firefox – when in doubt, change the password you are concerned about. Never communicate them to a third party and ideally don’t use them on a shared computer (or make sure to use private browsing and close all your sessions before you leave).

How to keep everything?

Complicated to find your way? Don’t panic, that’s what the password managers : they play the role of a digital key fob by storing the identification/password pairs for each service. If you adopt one, you only need to remember one thing: a very solid passphrase that will be used to unlock the manager.

Moreover, if the password is the first anti-burglary barrier, it is not the only tool available. authentication multi-factor, widely used in banking, extends to more and more services. If you have a Google or Microsoft account, you may even decide to use this solution to improve the security of your accounts. In this way it is impossible to access without having your smartphone to hand.