As cyber threats increase, protecting passwords is more important than ever

We all remember the recent gas shortage. Blame cyber-hackers for those long lines. All they needed was one Colonial Pipeline employee’s password.

"It’s the passwords! Whether it’s the Colonial Pipeline, whether it was that water plant in Florida, whether it was the Solar Winds attack way back when, you know, these were all passwords," said Grant Gibson, chief information security officer at CIBR, a cybersecurity think tank headquartered in the Triangle.

Gibson says those incidents reveal how deep hackers can get into an otherwise secure system.

In order to secure more privacy, some people use online tools called Password Manager. It uses encryption to protect your passwords and stores them in one place.

Gibson recommends we add personal ID options offered through major online providers.

He says, all you have to do is type in the search bar, "How do I enable 2-Factor or Multi-Factor Authentication?: Then go to "settings" and then to "security".

"And once you do that you can set it up so that every time you need to type in your password, it will follow that up and say, OK, let me send you a text message and that’s the safest thing to do," said Gibson.

Also, he says, actually follow the advice we’ve heard so many times: Use random characters!

"You want to use passwords that don’t contain anything that relates to you," said Gibson.

That means do NOT use initials, birth dates or home address.

Gibson’s advice is treat your passwords like the key to your home.

"If you think that somebody has the key to your home, if you thinks it’s been compromised, you change your lock, right? Change your passwords. Treat it like your house," he said.

Gibson adds that generally, people should change their passwords every 30 to 90 days.

If you use tools like "Two-Factor" -or- "Multi-Factor Authentication" – he says you can wait a full year before you change your passwords.