Ethereum Users Suffer Money Loss Due to Weak Passwords

We can never emphasize enough the importance of strong passwords. Every single day we hear stories about various accounts getting hacked because of the weak passwords that were protecting them. The Ethereum password breach is probably one of the latest news in the never-ending tsunami of cybercrime activities.

We would like to use this entry to tell you more about Ethereum passwords, strong passwords in general, and how it would be possible to create a strong password that would be harder to crack. Please remember that you do not necessarily need to do everything yourself; you can also employ a password manager tool.

What is Ethereum?

Ethereum is a blockchain-based distributed computing platform and operating system. It is commonly associated with Ether (ETH), and so it is possible to see that it is essential in the cryptocurrency world. However, the blockchain technology itself can be applied in other spheres aside from the digital currency. Ethereum provides tools for developers to build decentralized applications, making a lot of programming tasks easier.

In other words, a regular computer user probably has never heard of Ethereum before, and they would not work with the platform unless they are familiar with the Go, C++, and Rust programming languages. Also, it is very likely that Ethereum users are a lot more versed in the computer and programming knowledge than most of the folks who access our blog to find out more about strong passwords. So why on earth do we write about this platform? Well, that is because even the best programmers might be susceptible to the most common mistakes when it comes to system security.

Like most of the programs and platforms, Ethereum also requires you to create an account in order to utilize the platform. Consequently, users need to create passwords to access their accounts, and this is where the biggest risk lies: You cannot use something simple for your Ethereum password.

Contrary to what regular users are used to when they make new accounts, when it comes to account management, Ethereum has no ‘forgot my password’ option. In other words, if the user forgets his Ethereum password, the account is as good as gone. So, where does that lead us to? This results in the fact that quite a few users create weak Ethereum passwords so that it would be easy to remember them. However, simple passwords are always a bad idea. Even if it seems that only a handful of users could access it, it is still possible to hack into your Ethereum account if the password is weak. And the latest Ethereum password incident only proves it.

What happened with weak Ethereum passwords?

If you do not know how to change the Ethereum password, you probably don’t know how to use Ethereum in the first place. However, those hackers who stole more than $54 million from Ethereum accounts certainly knew a thing or two about the platform.

The thing with weak passwords is that you do not even need to hack into anything to access a certain account. When a hacker tries to access a certain account, they just have to enter some of the most common passwords, to try and see whether it works. Unfortunately, even Ethereum users are prone to using weak passwords to protect their accounts. As a result, huge amounts of cyber currency were stolen last month. Security experts say that the compromised accounts either had longer keys that suffered a coding glitch or their Ethereum wallet automatically allowed them to pick certain keys, and the users just went with default passwords. Consequently, weak Ethereum passwords were created that were really easy to guess for the cybercriminals who hacked into those accounts.

Now, if you are an Ethereum user, you certainly know how to change your Ethereum password. You need to use the account command via your Command Line Interface to manage your account. This command allows you to change your Ethereum password, list all existing accounts, import a private key into a new account, and so on. As you can see, if you know how to properly utilize the Ethereum CLI, you can surely change your password without much difficulty. However, if you think that you cannot memorize your password, you can always use a third-party application to store it.

Take, Cyclonis Password Manager, for example. This free tool has the Notes feature, where you can save important information. Your Ethereum password could be a good example of important information that needs to be kept under several locks. Cyclonis Password Manager provides those locks, and you can be sure that no one would steal it from you.

What is a weak password?

And while you are at it, perhaps you should reexamine all of your passwords, or at least the passwords you use to access the most common accounts. We actually often talk about the terrible passwords that make it a lot easier to hack into private and corporate accounts. There are certain main rules when it comes to utilizing a password, and let’s go through them once again shall we?

First, don’t you ever think of using such combinations as 123456 or Password for your password. Yes, these are actually the most popular weak passwords out there, and it is unbelievable that people still use something like that. Of course, those are really easy to memorize, but they are also extremely easy to guess!

Next, do not reuse your passwords and make sure you change them regularly. Again, if you find it too bothersome, it is always possible to employ a password manager that will help you generate strong passwords and update them whenever you find it necessary.

So even if Ethereum users, who are clearly well-versed in computer programming, can inadvertently allow cybercriminals to access their accounts, everyone is quite susceptible to such mistakes. Please review your passwords, and if you find any weak link, renew it immediately. Finally, if you find the password management issue too complicated, you can always address a professional who will give you an insight on how to improve your account security.

June 6, 2019

Leave a Reply