Password Security - Are you doing enough?

Creating passwords can be a bit of an unwelcome conundrum these days, as we already have so many to remember. It feels like you can’t get anything done without having an online account and, therefore, adding new passwords to your already vast multi-character, symbol-packed catalogue.

The thing is, everyone knows how important they are. And it’s fairly evident that we shouldn’t use the same one for everything, although most people still do it anyway. 

So here is a brief background on what makes a good password and how to keep track of them. 

How are passwords exposed?

Before we look at what constitutes a secure password and how to keep track of them all, let’s see why you need one, as I’m sure you’re wondering why anyone would want to hack into your account.

• Brute-force attacks. Whether a hacker attempts to access a group of user accounts or just yours, brute-force attacks are the go-to strategy for cracking passwords. These attacks work by systematically checking all possible passphrases until the correct one is found. If the hacker already has an idea of the guidelines used to create the password, this process becomes easier to execute.

• Data breaches. Your company (or one you have an account with) could be the next one to succumb to hackers and lose millions of users’ personal information. Think Sony, JP Morgan and Yahoo to name a few.

• Someone’s out to get you. Could be anybody – but you must have really ticked them off.

What makes a good password?

You might not be able to stop hackers from trying – but you might as well create passwords that can withstand brute-force attacks.

This animation gives an idea of how longer passwords increase security:

As you can see, going from a 6-letter word to a 12-letter one (with a few symbols too) makes a world of difference to how long it would take to crack a password.

Source: http://9gag.com/gag/a09DGWn/size-matters-password-length-vs-average-time-to-crack

A strong password is considered to be 12 characters long – with a few symbols in there to be safe.
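The arithmetic behind that comparison, as an added example that is not part of the original article: a brute-force search has to cover alphabet^length candidates, so every extra character multiplies the work. The guess rate and the sample passwords are assumptions constructed for illustration.

```python
import string

# Assumption for illustration: an offline attacker testing 10 billion guesses/second.
GUESSES_PER_SECOND = 10_000_000_000

CHARACTER_CLASSES = (
    string.ascii_lowercase,   # 26
    string.ascii_uppercase,   # 26
    string.digits,            # 10
    string.punctuation,       # 32 ASCII symbols
)

def alphabet_size(password):
    """Size of the smallest alphabet a brute-force search must cover for this password."""
    used = [cls for cls in CHARACTER_CLASSES if any(ch in cls for ch in password)]
    known = set("".join(used))
    # Anything outside the four classes (space, non-ASCII) counts as one extra symbol each.
    extras = {ch for ch in password if ch not in known}
    return sum(len(cls) for cls in used) + len(extras)

def keyspace(password):
    """Number of candidates of the same length over the same alphabet."""
    return alphabet_size(password) ** len(password)

def average_seconds(password, rate=GUESSES_PER_SECOND):
    """On average the search succeeds after trying half of the keyspace."""
    return keyspace(password) / (2 * rate)

def humanize(seconds):
    for name, length in (("years", 31_536_000), ("days", 86_400),
                         ("hours", 3_600), ("minutes", 60)):
        if seconds >= length:
            return f"{seconds / length:,.1f} {name}"
    return f"{seconds:.3f} seconds"

if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("purple", "p#rpl!", "purplepurple", "Purpl3!Tr@in"):
        print(f"{pw:<14} alphabet={alphabet_size(pw):<3} length={len(pw):<3} "
              f"average time to crack: {humanize(average_seconds(pw))}")
```

These figures are an upper bound that assumes randomly chosen characters; a password built from a dictionary word or a predictable pattern falls much sooner, which is why an attacker who knows the guidelines has an easier job.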

However, the real issue is trying to remember each password for our various web accounts.

This is where many people turn to password managers like LastPass, Dashlane and 1Password. Storing information on a USB drive or writing it down are also some of the more popular methods of remembering multiple passwords.

Obviously, it is up to you to decide on the most suitable passwords, but have a go using tools like these to see how secure they really are:

https://howsecureismypassword.net/

http://random-ize.com/how-long-to-hack-pass/

Enabling two-step verification is also a great way of adding security. 

When enabled, signing in will also require you to enter a code that's sent as a text message to your phone. This means a hacker who isn't in possession of your phone won't be able to sign in, even if they know your password.

So there is your brief background on password security. Now it’s up to you to make sure you deter hackers as much as possible. 

 

Useful articles:

http://www.itworld.com/article/2832596/security/how-many-seconds-would-it-take-to-break-your-password-.html

https://howsecureismypassword.net/