Keeping clients' computers safe and profitable for over 30 years




 

The Four Biggest Security Threats Most of Us Face


Preview:


The biggest security problems most of us face are password related. Too many people reuse passwords, change them only slightly, or use weak ones. Here is what you need to do, and how to avoid phishing attacks.
  1. Password reuse
  2. Weak passwords
  3. Password reuse with small modifications
  4. Phishing

Threats: 1–3 Passwords

Criminals have about half the passwords most people use!

OK, so if my email address is out there, and it is used as a username, then what is the danger if I have a mediocre password? The danger is that criminals have a database of 19 billion passwords. According to Cloudflare, almost half of all passwords used are on that list.

Question: Yes, but isn't it going to take someone a long time to try a billion passwords?

Answer: NO, because no one tries them by hand. Criminals spend a few hundred dollars to rent a botnet of 30,000 devices that automatically start entering passwords into your accounts. The bots try those passwords, and variations of them, in all the places you might have an account in order to gain a foothold.

According to a recent study by Forbes, users will, on average, reuse their password across four different accounts.

Forbes reported that:

Bots are the driving force behind credential-stuffing attacks. The data indicates that 95% of login attempts involving leaked passwords are coming from bots.

The best protection

The best protection is to have a password manager create a random password of 30 characters or more for each account.

Question: Isn't 30 characters overkill?

Answer: Yes, it is now. But it means you aren't going to have to change the password in 5 or 10 years. Why not have an extra-long password? You don't need to type it. With a password manager, you'll have a secure place to store passwords and never need to type them.

If you just use your Windows computer to log into websites and for other data, I strongly recommend KeePass. It is free, open source, and has been audited. It is widely used and provides excellent security and ease of use.

If you want a password manager that will work on your mobile devices and computers and keep everything in sync, I recommend Bitwarden. It is free, though I recommend the $10/year plan. It will sync across all your devices. I use it on my Windows computer and as extensions with my browsers and on my phone and tablet.

Threat 4. Phishing

Phishing attacks are simple to thwart. Two protections will handle almost all situations.

  1. Never click on any link to log into any site. Always log in from your own browser bookmarks, or directly from your password manager.

  2. If you made a mistake, and somehow clicked on a link that took you to a site that appeared to be your bank, email, or government entity, there is still hope. If you are using an online password manager like Bitwarden, then it will show you whether you are on the correct site. It won't present an offer to log you in unless the website address matches its stored domain for that account. This is another advantage of web-based password managers.
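
The address check described in protection 2, shown as a simplified added example. It is not Bitwarden's code and not part of the original article. It assumes an exact host match over HTTPS, and the vault entries and addresses are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed vault: account name -> login address saved with the entry.
VAULT = {
    "bank": "https://login.mybank.example/signin",
    "mail": "https://mail.example.org/",
}

def host_of(url):
    """Return the lower-cased host of an https URL, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:          # malformed address: never offer a login
        return None
    if parts.scheme != "https" or not parts.hostname:
        return None
    return parts.hostname.rstrip(".")

def accounts_offered(visited_url, vault=VAULT):
    """Names of saved logins whose stored host equals the visited host."""
    visited = host_of(visited_url)
    if visited is None:
        return []
    return sorted(n for n, saved in vault.items() if host_of(saved) == visited)

# Constructed addresses: the real site plus look-alikes a link might lead to.
SAMPLES = [
    "https://login.mybank.example/account",
    "https://LOGIN.MyBank.Example./signin",
    "https://login.mybank.example.verify.example/signin",
    "https://login.mybank.example@verify.example/signin",
    "https://login.rnybank.example/signin",
    "http://login.mybank.example/signin",
]

if __name__ == "__main__":
    for url in SAMPLES:
        offered = accounts_offered(url)
        print(f"{url:55} -> {offered or 'no login offered'}")
```

Only the first two addresses get a login offer. The others contain the bank's name somewhere in the address but resolve to a different host or an unencrypted connection, which is why the missing offer is the warning sign.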





Date: June 2025


Creative Commons License
This article is licensed under a Creative Commons Attribution-NoDerivs 3.0 Unported License.
