Here’s how to keep your online passwords private
Ever wondered what types of online threats you can run into simply by browsing the web? How could a seemingly legitimate website affect your privacy or your data? Passwords are usually the first line of defence against threat actors trying to grab photos, documents, and all the private information and data that are supposed to be safely locked away from prying eyes.
Zakir Hussain, Director, BD soft, Country Partner of Bitdefender, believes that hackers are interested in passwords and authentication credentials, as they provide a means for accessing information without triggering alarms usually generated by the use of vulnerabilities, or malware. This allows them to freely impersonate the victim and log into their accounts. Consequently, choosing a strong password that’s unique to each account is mandatory.
However, the authentication process requires that, whenever you log into your account, the sent password is no intercepted by hackers. This means that both the communication channel – the connection between you and the website you’re trying to log into – and the password itself need to be encrypted when sent across the internet. Otherwise, it’s like shouting out your password to a friend across a crowded room. For example, Network Threat Prevention is a new technology and is specifically designed to help you steer away from online threats, and keep your passwords private. This new technology can also prevent vulnerabilities in your system from being exploited, and it can detect and block bruteforce attempts aimed at guessing your passwords, prevent your device from being compromised in botnet attacks, and prevent sensitive information from being sent in an unencrypted format.
Because attackers can sometimes “eavesdrop” on your conversations and they understand what you’re saying, passwords need to be sent across in a way that’s difficult for bad guys to read. Security experts have figured out a way to make the conversation between the browser and website, private. Dubbed as Hypertext Transfer Protocol Secure ( HTTPS), its purpose is to protect the link between
the browser and the website from being “understood” by anyone eavesdropping. The main advantage is that, whenever you’re visiting websites that have HTTPS instead of HTTP, everything you’re “saying” to them, it looks like complete gibberish to someone listening in.
AntiVirus software has the ability to identify whenever you’re about to send passwords or credentials to a website in a manner that can be overheard by everyone. This is why you’ll sometimes see a message that reads “An attempt to send your password unencrypted, in plain text, was prevented on this page.” whenever you’re visiting a website that doesn’t use HTTPS when requesting your passwords.
Websites that don’t have HTTPS enabled – usually represented by that little green lock at the beginning of the website’s name – are not necessarily bad or a danger to your privacy. But it’s worth noting that even websites that do have HTTPS can be fraudulent.
For instance, to add credibility to a phishing website that impersonates a popular bank or online retailer, attackers use HTTPS to throw people off. It’s pretty much like bad guys dressing up as cops, and then committing a crime.
So next time you log onto a website and input your password, make sure it’s sent across encrypted so that no one can intercept it.
HTTPS’ purpose is to secure the link between browser and the website.
AV software can notify of malicious websites.
Ensure portal is encrypted before typing passwords.