Password and Cyberspace Protection
How Nigerians Can Play Safe Online
How Nigerians Can Play Safe Online
Billions of passwords have been stolen and about ten million passwords and credentials are being hacked daily on the internet. This translates to about one hundred passwords being hacked every second. Yet, passwords remain one of the most critical control measures at the workplaces worldwide used to secure personal data, company secrets, and in some cases a country’s infrastructure.
These words of Wemimo Adewuni at the start of the Morning Crossfire show on 99.3 Nigeria Info, tell us just how important the use of passwords is on a personal level and on a national scale. According to Adewuni, passwords are used widely for computer, phones, and banking operations.
Cyber Security Engineer, Co-Founder, ExclaimLabs, Stephen Lawal gave an incisive definition of the word password protection as “one of the most common ways in which you can protect your identity, protect access to personal information, or business information. If you want to log into your banking platform you need a password, if you want to go on Facebook, you make use of your password. Almost everything you’re doing needs a password or a PIN,” Lawal begins.
“Password is a common way of identifying who you are. It is a common way of authentication. One common thing is that people repeat passwords. They use the same password across platforms and they make themselves vulnerable when one platform is hacked. What would happen if say for example Yahoo is hacked and a user makes use of the same password for Instagram, Facebook, and other more important financial platforms? If you repeated your password; that means you’re open as a book.”
Lawal goes on to explain that when a password is compromised, the details could be sold on the dark web and what happens is that people use these information to do what is called identity theft. They login as the person whose email has been compromised and then they send a lot of emails to his or her friends. He mentioned a case of a young guy who had his email compromised and the thief started sending emails to his friends, begging them for money because of an emergency. A lot of people were already sending money before they realized that it was a scam.
Is There a Solution after One’s Platform Has Been Hacked?
Lawal believes that it depends on what the platform is. “Some platforms have password recovery policies but the question is; how strong is the password? For example, Gmail is one common platform which people utilize and you can always use the password recovery mechanism. But that depends because if the hacker is way smarter than the victim he may remove other features by which the victim can recover the password. Hackers are always one step ahead,” says Lawal.
How Hackers Work
Responding to this aspect, Lawal said that the hacker thinks like the user. They also take advantage of the mistakes people make, like making use of birthdays, name of pets, name of loved ones, or even one’s name in passwords. Sometimes, people write out passwords and throw it where other people can find them.
Other hacking methods available are “Brute Force, dictionary attack, which refers to when people make use of passwords by picking dictionary words. Once a person is not making use of standard procedures for creating passwords the user is really vulnerable,” Lawal confirms.
Yet, some of these online companies tell users to make use of combination of characters or numbers also make the works of hackers easier because they now have a pattern to work with.
On the policy and development aspect of this issue, Rotimi Sankore says that there are two angles to this issue. One is that in countries where there is low cyber literacy, people don’t read terms and conditions on many websites probably because they are like essays.
“Just imagine the hundreds of thousands of Nigerians that are not very literate,” Rotimi adds, “from bus conductors, mechanics, and other people like that who make use of Facebook, make use of Yahoomail, it means that people may misuse their accounts, like people don’t even log out. When you are done online in a cybercafé, you are supposed to delete all the cookies but people may think you’re talking about biscuits when you talk about cookies.
“In the first instance,” continues Rotimi, “any frequent traveler would tell you that very often when one makes use of hotel laptops, one will see the account of the last person who used it open and that means the fellow did not sign out. And that’s one problem.”
The problem goes further as Rotimi states that in a place where security agents are clamping down on young people, born digital, who they think are involved in cybercrime and arresting people who carry laptops, the security agents may not pay attention to cyber literacy.
“The problem today is that the states are often vulnerable. If U.S has been able to infiltrate the Russian cyber infrastructure, one can imagine how quick U.S.A can crack down on Nigeria’s cyber space. Public officials should be well informed and trained about these issues.”
Lawal states that it is good to make use of different passwords on different platforms even if these passwords are strong. Secondly, he recommends that people make use of password managers that encrypt the passwords and store them securely.