Cybersecurity: Now Is the Time to Update Passwords

There’s never been a better time than now to take a few minutes to focus on securing the devices that make your work possible to protect you and your clients’ data.

The first step to take to improve your cybersecurity is to ensure that every device, including your smartphone, has proper antivirus security, said Craig Grant, CEO of the Real Estate Technology Institute. “People don’t realize how easy it is to hack a phone or a tablet.”

It is one of the first recommendations the nationally-known speaker and educator makes to Realtors®. Once that is done, it’s time to secure your home internet by changing the default login and password on the modem that delivers the internet to the property. The next step is to ensure you have a strong password on your WiFi router.

If you live in any kind of shared environment like a condo community with shared walls or a neighborhood where the homes are close together, Grant said neighbors or others could use your Internet connection to do “bad things.” He pointed out that his own home picks up signals from at least 10 neighbors’ networks, and only two are password-protected.

Strong passwords are the key to good cybersecurity. While it may seem easier to use a password manager, such as Last Pass, for the convenience they offer, Grant cautions that these programs have been hacked and represent a “goldmine” to hackers.

Instead, Grant teaches a three-step, “unhackable” technique that ensures you have “really crazy” but easy-to-remember passwords on every site. “Every single website, every single app or account you have these days should have a totally different and crazy password.”

His base psychology password strategy starts with a standardized base, which is the same for every site. It should be a randomized string of characters. He said this makes it difficult for someone using a password cracker or who obtains one of your passwords from a different site to figure out your other passwords.

Some sites allow symbols, while others don’t, so you may need two bases to account for those requirements. An example might be W3x8Bil or W3x8B!l.

The second part of the password is the psychology part. He advises you to think of one word per site that makes you think of that site. For example, for your Facebook account, you might use Zuck because Mark Zuckerberg makes you think of Facebook. For your Gmail account, you might use Google or use MLS for your MLS site.

The third part of the password relates to the time of year. Since it is recommended that you change passwords quarterly, you might use 2Q for the second quarter of the year. Grant suggests also using the year with the quarter to avoid repeating passwords. For the second quarter, the end of the password would be 2Q20, for example.

This technique results in a Facebook password that would be W3x8BilZuck2Q20.

Other tips for improving your security include:

• Using two-factor authentication whenever it’s available. Two-factor is where the site sends you a one-time identifier or token you can use to complete the login on the site or app. This process can also use biometrics such as fingerprint or facial recognition.
• Using Virtual Private Network software whenever you are using free, unsecured WiFi in a public location
• Keeping all operating systems, software, apps and plug-ins up to date. The updates typically fix security holes.
• Protecting client data through encryption or password-protecting computer files and folders.

Additional information on real estate technology, cybersecurity and more can be found at the Real Estate Technology Institute website.