“Can we get rid of passwords?” or “When are passwords going to become obsolete?” – these are questions UX and Security experts have explored for quite some time now. That’s actually why we have Password managers, Biometric tools, Physical keys and Multi-factor authentication (MFA) to help us keep our accounts secure.
No single approach alone, however, has proven to be enough to guarante that as users, we are immune to cybercriminals. Good security is not a one-time approach. It’s about the right tools and steps you take to make sure your data is safe. That’s why we’ve prepared this security checklist that will help you get the right approach
Can you tick all of these pCloud security steps?
1. Improve your password
Cash cards are issued with temporary PINS which are rarely changed, people re-use old passwords or enter easy-to-guess passwords. Nobody is happy about having to remember different passwords for every app or device they use. However, they are still essential to our security and that’s not going to change soon.
The password for your pCloud account is like the key to the home for your files. That’s why you want to make sure that you:
- haven’t used it before
- haven’t shared it with other people
- make sure that it’s strong enough
Security experts have provided the following guidelines that ensure your password cannot be cracked easily:
- make sure that your password is at least 12 characters long
- use phrases instead of only words
- include symbols, numbers, upper- and lowercase letters
- don’t include personally identifiable information like birth dates, your own name or more
- avoid dictionary words or combinations of dictionary words
If you can’t check at least one of the tips above, then you might consider your password for an update.
The problem, however, doesn’t lie so much in creating such passswords. It’s about actually remembering them. Some might point at Password managers. Such apps take care of everything from password generation to storage, so that we don’t have to burden ourselves. However, they also come with their own shortcomings. What’s more – we also need a Master password for them, as well.
Here’s a not-so-traditional advice for actually memorizing your passwords – use your visual memory. A recent study of the University of Iowa showed that we are much better at remembering what we see than what we touch or hear. Humans have the amazing ability to remember pictures. Several decades ago, people could remember more than 2,000 pictures with at least 90% accuracy in recognition tests over a period of several days, even with short presentation times during learning. This excellent memory for pictures consistently exceeds our ability to remember words.
Pro-tip: Use your keyboard to create a visual pattern for your password. Repeating this visual pattern several times should help you remember the character sequence, as well.
2. Review your Recent Activity
It’s easy to check when and on what devices you’ve logged your pCloud account:
- Open my.pCloud and log into your account
- Go to Settings > Security and check your Devices
Logged devices will list all of the places and browsers where your pCloud account is active. If you find any session that’s suspicious, then you can immediately terminate it from the list with a click.
3. Enable Passcode Lock
Passcode lock is a feature that’s available for the pCloud mobile app for iOS and Android. You can use it as an additional security step when accessing your account from the app through a security code, or through your fingerprint scanner (TouchID, FaceID). You can enable Passcode lock from the Settings of your app.
4. Enable Two-factor authentication
Two-factor authentication is another level of security for your account that goes a step beyond your username and password combination, and it takes a minute to set up. If you want to access pCloud only on devices you trust, then this feature is a must.
How it works | Manage your Security Settings | Frequently Asked Questions
Enable Two-factor Authentication
5. Review your email address
Here’s a step for those, who want to be especially cautious with their files and online safety. Email addresses aren’t entirely private information nowadays, especially when you use them for your social media account, newsletters, monthly bills etc. If you’d like to take the extra step, creating a private email address for pCloud, which only you know exists is a good step to protecting your account. Here are the steps you can follow in order to do so:
- Create your new email address
- Open my.pCloud and go to Settings > Account
- Click on Change email and enter your new email address
- Confirm the change by taking a look at both your current and private inbox and you’re done
Bonus step: Activate the Crypto folder
The Crypto folder is a special section in your pCloud account that’s protected by an extra layer of protection beyond pCloud security, itself. All the files and folders you add in the Crypto folder are secured with client-side encryption. This means that they are encrypted on your device, before they are uploaded on the pCloud servers. pCloud doesn’t know the encryption key for the Crypto folder. In other words, neither we as a service provider, nor any authority or third-party service can ever have access to your data.
You can activate the Crypto folder from your phone, laptop or from my.pCloud.com:
- Open the pCloud app or my.pCloud.com
- Go to the Crypto tab and click Set up
- Set a Crypto Pass – a unique password for your Crypto folder that is part of the encryption key
- You’re all set!
Pro-tip: We don’t store your Crypto Pass on our servers and there is no way for us to recover it in case you forget it. That’s why it’s important to set a useful hint.
At pCloud, we respect and protect your privacy. Our Legal and Security teams are dedicated to making sure pCloud has taken all the neccesary steps to meet full GDPR compliance. Learn more about how pCloud protects your files.