Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work and life communications, and protect our valuable data. In recognition of World Password Day on May 3rd, multi-award winning consumer cybersecurity company, BullGuard, offers some important tips on how to create strong passwords and reminds us why it is so critical to have better password habits.
Many people use simple passwords, such as; ‘1234567’, ‘qwerty’ and even ‘password.’ However, using simple password cracking programs hackers can crack these passwords very easily. These ‘brute-force’ programs make multiple guesses at high speed until the password is fully cracked. The program may take a few minutes or years; it all depends on the complexity of the password. If the password is simple it can be cracked in seconds.
At the same time, many people use the same username and password for all of their accounts. Hackers can run programs that enter the stolen username and password details on tens of thousands of sites until one hit. When it does, they have access to any number of your accounts and credentials.
You may practice good security on your home computers but organizations that hold thousands and millions of customer records, including usernames and passwords, are consistently hacked, exposing all the information they hold. This data is typically put up for sale in the hacker underground.
Good password practice
Some of the easiest-to-remember passwords aren’t words at all but collections of words that form a phrase or sentence. This could be the opening line of a novel, a poem or even a song, sometimes with some numbers and symbols thrown into the mix.
Complexity is good, length is also critical. It used to be that an alphanumeric password only 8-10 characters in length was ideal. But these days, it’s increasingly easy for hackers to build extremely powerful and fast password cracking tools that can run through tens of millions of possible password combinations in a second. Each character you add to a password makes it an order of magnitude harder for hackers to attack via brute-force methods.
# Don’t use the same password on multiple websites. If a website is sensitive, that is, it stores personal information such as name, address, and card numbers, this information can be used to make purchases in your name.
# Don’t use the password you use for your email account at other online sites. If an e-commerce site you are registered with gets hacked, there’s a high chance that your password, once cracked will be tried for other accounts, including your email.
# Do use two-factor authentication if available. Most online services now offer this and it works by adding an additional layer of security to your personal accounts. This can help reduce the risk of particularly nasty cyber-crime like identity theft, phishing scams, and online fraud.
# In summary, you should use passwords that are lengthy and with some numbers and symbols randomly thrown in. It’s important to adopt two-factor authentication, and if you use the same username and password on all accounts it can leave you extremely vulnerable.
Of course, it can be difficult to remember secure passwords if they are created properly. As such password managers are a good option. They automatically create strong passwords for you and securely store them, so for each online account you have, you can have a robust password that is easily remembered.