Use Strong Authentication

Why Use Strong Authentication?

The security of your online accounts has to be as strong as possible, and account authentication represents the first line of online protection. NCSA recommends applying these three simple steps to ensure that you are as secure as possible when managing access to your online accounts.

1. Choose Strong Passwords

Passwords need to be complex sequences of characters so that malicious actors cannot easily guess them.

To create strong passwords or passphrases, NCSA recommends using a random sequence of at least 10 characters that includes upper-case and lower-case letters, numbers and symbols. According to the National Institute of Standards and Technology (NIST) guidance, you should consider using the longest password or passphrase possible (8-64 characters) when you can.

Memory techniques such as mnemonics can help you turn a phrase you can remember into a complex sequence of characters. Through mnemonics, a phrase like “I’m at the stadium and watching the game” can become “I@TS+WTG”. Mix lower-case and upper-case characters while adding numbers and special characters to create a strong password such as “i@Ts!+wTg546”. Repeat this process to create a unique password for each of your accounts instead of reusing any of them. The idea of managing many unique passwords can seem daunting; however, there are password manager programs that can support this process.
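The composition rule above can be checked and applied automatically. The following is an added example, not NCSA's own code: it generates a random password from the operating system's secure random source and tests any password against the recommendation (10 to 64 characters, all four character classes). The function names and the default length of 16 are assumptions made for illustration.

```python
import secrets
import string

# Character classes named in the recommendation above.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}
MIN_LEN = 10   # minimum length recommended on this page
MAX_LEN = 64   # upper end of the 8-64 range cited on this page


def missing_classes(password):
    """Return the names of the character classes the password lacks."""
    return [name for name, chars in CLASSES.items()
            if not any(c in chars for c in password)]


def meets_recommendation(password):
    """True when length is within MIN_LEN..MAX_LEN and all classes appear."""
    return MIN_LEN <= len(password) <= MAX_LEN and not missing_classes(password)


def generate_password(length=16):
    """Draw a random password from the OS CSPRNG; redraw until all classes appear."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be between {MIN_LEN} and {MAX_LEN}")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not missing_classes(candidate):
            return candidate


if __name__ == "__main__":
    print(generate_password())
    # The two mnemonic strings printed on this page, checked against the rule.
    # They are published examples and must not be used as real passwords.
    for sample in ("I@TS+WTG", "i@Ts!+wTg546"):
        print(sample, meets_recommendation(sample), missing_classes(sample))
```

The first mnemonic string fails the check because it is only 8 characters long and has no lower-case letters or digits; the second passes.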

2. Automate Regular Password Change

Automated password change is a security best practice and a necessary step to take for strong authentication. It can be difficult to detect that someone else has access to your account. 

Therefore, changing account passwords regularly helps a legitimate user to minimize the risk of unauthorized access attempts to their accounts.

NCSA recommends that users change their passwords every 3 months or less.

3. Multi-Factor Authentication

Multi-factor authentication is an additional level of security that uses multiple pieces of information to verify your identity. MFA requires at least two (2) identity components to authenticate a user's identity. It is highly advisable to enable multi-factor authentication on all of your accounts where applicable.

MFA identity components include:

  1. Something the user knows (e.g. password, PIN),
  2. Something the user possesses (e.g. token, card, one-time PIN),
  3. A unique trait of the user (e.g. biometrics – fingerprint, facial recognition).

Applying these best practices will reduce the risk of an attacker guessing your passwords, but does not guarantee complete protection of your accounts.

For additional best practices, a user should:

  • never share their passwords,
  • always log out of their accounts when using public computers,
  • never access sensitive accounts when using public Wi-Fi.

02 October 2021

© 2024 National Cyber Security Authority