2FA uses more than one type of information to identify who you are to grant you access to your online account. The first factor in 2FA is usually something that you know, such as a password, while the second factor is usually something you have, such as a One-Time Password (OTP) from a digital token or an SMS that is sent to your mobile device. Another form of authentication involves biometrics, which includes fingerprints and face recognition. This second layer of security ensures that even if hackers obtain your password, your account is still protected if they are unable to get hold of the second factor.
2FA is readily available for many of your online accounts, including your email and social media accounts.
Passphrases are passwords, but longer and made up of a string of words. Strong passphrases are important for keeping your online accounts and personal information safe from cybercriminals.
Cybercriminals can use automated tools to steal your passwords. They can conduct dictionary or brute-force attacks to guess your password by checking it against ‘password dictionaries’, which compile lists of commonly-used passwords and character combinations. The shorter and less complex your password is, the quicker it is for cybercriminals to hack. For example, the password ‘123456’ can be hacked in less than one second.
A passphrase that is long (with at least 12 characters) and random is harder to guess. Here’s how to create a strong passphrase that you can remember easily.
Step 1: String together five different words that relate to a memory that is unique to you. For example, you may have learnt to ride a bike when you were five years old.
Step 2: Use uppercase and lowercase letters, numbers or symbols to make it even harder to crack. e.g. Learnt2RIDEabikeat5
Do remember not to use personal information such as your name, NRIC or birthdate, or other easily obtainable information such as those found on your social media accounts. Ensure that your passphrase does not have an obvious pattern and is unpredictable. Some examples include:
It is important that you also take steps to maintain good password hygiene:
If you believe that your password has been compromised, change it immediately and check for signs of unauthorised activity.
A password manager is a software application designed to store and manage your passwords.
Using a password manager will only require you to remember the master password that unlocks the password manager, eliminating the need to remember multiple passwords for multiple accounts.
Select a reputable one with 2FA and features that best suit your needs. Consider product reviews on reputable websites, and only download them through official app stores such as the official Play Store (Android) and App Store (iOS).