Chapter 7 - Is It Time to Rethink Online Security?

Is It Time to Rethink Online Security?

We’ve all heard it before: “Use a strong password!” But let’s be real; how many of us are still using some variation of our pet’s name and birth year? (Guilty as charged.) I already have to use apps to remind me of appointments and birthdays, there’s no way I could keep up with a hundred different complicated passwords! The truth is, passwords alone just don’t cut it anymore. In today’s digital world, where cyberattacks are smarter and sneakier than ever, it’s time to level up our login game.

Password breaches are everywhere. In fact, according to Verizon’s 2024 Data Breach Investigations Report, over 60% of data breaches involved compromised credentials (Verizon, 2024). That means your “Fluffy1985!” isn’t just easy to guess, it’s probably already on a leaked password list somewhere.

Multi-factor authentication (MFA) is like your digital bodyguard. MFA adds a second or even third layer of protection by asking for something you know (like your password), something you have (like a code on your phone), or something you are (like a fingerprint). Microsoft claims that MFA can block 99.9% of automated attacks (Microsoft, 2023). Pretty impressive for a tiny extra step, right?

MFA is a real-world application of several core information technology concepts. It starts with hardware, like your smartphone or fingerprint scanner, which plays a super important role in verifying your identity. Then there’s the software side. MFA tools are built into operating systems and applications using programming languages like JavaScript or Python, and they use secure APIs to communicate across devices and platforms.

Your login info doesn’t just float in cyberspace, it’s stored in encrypted databases, which help protect sensitive user credentials from unauthorized access. Database management systems are essential for storing, retrieving, and verifying your identity in a fraction of a second. MFA also integrates into network security protocols by controlling access to networked systems and stopping attackers before they get too far. So, yeah, there’s some serious tech happening behind that little login screen.

But even MFA isn’t bulletproof. As hackers get more creative, so must we. That’s why biometric security, password managers, and even passkeys (password-less logins based on device authentication) are gaining popularity. Google, Apple, and Microsoft are all pushing for a password-free future (FIDO Alliance, 2024).

So, what’s the takeaway? Strong passwords are still a must, but don’t stop there. Embrace MFA. Use a password manager. Understand how these tools rely on modern hardware, secure software design, databases, and network protections. Because staying safe online is no longer just about remembering your password, it’s about outsmarting the people trying to steal it.

Sources:

• Verizon. (2024). 2024 Data Breach Investigations Report. https://www.verizon.com/business/resources/reports/dbir/

• Microsoft. (2023). MFA can block 99.9% of account compromise attacks. https://www.microsoft.com/security/blog/

• FIDO Alliance. (2024). The Passwordless Future is Here. https://fidoalliance.org/passkeys/