Passwords are required for nearly everything in the digital world we live in: our phones, computers, websites, accounts and much more.
However, for the most part, passwords really suck. They are hard to remember, so we often end up using easily guessable words or reusing the same passwords everywhere. If you’re guilty of reusing, rotating or using easy passwords, then this guide is for you.
Cyber criminals have various tactics to find out passwords and access accounts. One easy way is through the dark web, where there is a big market for login credentials and passwords. So, if you haven’t changed your password in a while, the chances of it floating around in a file on the dark web are high. Research has shown that an estimated 25 per cent of the stolen credentials on the dark web can successfully be used by cyber crooks to gain access to functioning Google accounts.
If you have been lucky (and clever) enough to keep your password off this list on the dark web, then cyber criminals will have to crack your passwords. Below are two common methods they use to do this:
Brute Force Attack – This is the simplest method, where software is used to try every possible combination until it hits yours. Attackers start with the most commonly used passwords, so these can be relatively quick and simple for them to crack. Whilst this method can eventually crack your password, a very complex password with symbols, capitals and numbers means it will take a very long time before it does. Want to find out how long it would take a hacker to crack your password? Use this free password-cracking time calculator here.
Dictionary Attack – The clue is in the name. A dictionary attack works by systematically entering each word in a dictionary as a password. If your password is a regular word, you’ll only survive one of these attacks if you use a very uncommon word or a multiple-word phrase. The dictionary includes the most common passwords, so it can turn out to be a somewhat brief and easy way of attacking.
The tools hackers use are changing all the time, so some say you can never be truly safe from them. But by creating strong passwords you can help to reduce your exposure.
To help keep yourself and your personal information safe, it’s vital that you know how to create a strong password. Could you be guilty of using some of the world’s most common (and worst) passwords? You can check out some of the worst passwords of 2018 in our blog.
Your password shouldn’t be guessed easily, so below we have gone through some tips on things never to do when it comes to your passwords:
- Use your name, family member or pet names, important dates such as anniversaries and birthdays or special places.
- Use the word ‘password’ or a sequential list of letters or words.
- Use the same password for different accounts. If a hacker gets hold of one password, they will try it with your other accounts.
- Use dictionary words. Whilst you may think picking a random word is safe, it’s not. Common hacking programmes can guess these easily.
- Write your password down. Anyone could come into contact with that post-it note or piece of paper you wrote it on. If you struggle to remember your passwords, consider using a password manager such as Dashlane or LastPass. They remember everything for you apart from the master password. They can also help you to create more complex, more secure passwords if you’re struggling.
Now you know what never to do when it comes to your passwords, below are two different techniques you can use when creating a password:
Bruce Schneier's Method – Take a sentence and turn it into a password using a rule. For example, if you took the first two letters of each word of ‘The Cat is Happy Eating her Food’, your password would be ‘ThCaisHaEaheFo’. You can also add symbols and numbers to this.
Keyboard as a canvas method – Treat your keyboard as a canvas and use it to draw patterns that are meaningful and memorable to you. For example, the shapes could be your initials or a geometrical shape, and the keys you trace become your password.
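The checks from the "never do" list and the brute-force arithmetic can be run against a candidate password before you adopt it. The Python below is an added example, not part of the original guide; the word list is a tiny constructed sample, and the function names and the guess rate of 10 billion per second are assumptions.

```python
import math
import string

# Constructed sample data: a tiny stand-in for an attacker's word list.
COMMON_WORDS = {"password", "dragon", "monkey", "football", "sunshine"}
# Alphabet, digit and keyboard-row runs, covering "sequential list of letters".
SEQUENCES = ["abcdefghijklmnopqrstuvwxyz", "0123456789",
             "qwertyuiop", "asdfghjkl", "zxcvbnm"]
POOLS = [string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation]


def search_space_bits(password):
    """Upper bound on brute-force work: length * log2(alphabet in use)."""
    alphabet = sum(len(p) for p in POOLS if any(c in p for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0


def years_to_exhaust(password, guesses_per_second=1e10):
    """Worst-case time to try every combination at an assumed guess rate."""
    seconds = 2 ** search_space_bits(password) / guesses_per_second
    return seconds / (365 * 24 * 3600)


def has_sequence(password, run=4):
    """True if `run` consecutive characters follow a known sequence."""
    lowered = password.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):  # forwards and backwards
            if any(s[i:i + run] in lowered for i in range(len(s) - run + 1)):
                return True
    return False


def audit(password, personal=(), used_elsewhere=()):
    """Return which rules from the 'never do' list the password breaks."""
    lowered = password.lower()
    problems = []
    if any(p.lower() in lowered for p in personal if p):
        problems.append("personal detail")
    if "password" in lowered or has_sequence(password):
        problems.append("'password' or sequence")
    if password in used_elsewhere:
        problems.append("reused")
    # A word stays a dictionary word with digits or symbols tacked on the ends.
    if lowered.strip(string.digits + string.punctuation) in COMMON_WORDS:
        problems.append("dictionary word")
    return problems
```

The bit count is an upper bound that only holds when every character is chosen at random; a password derived from a sentence or a pattern has a smaller effective search space than the figure suggests.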
In addition to these tips and techniques for stronger, more complex passwords, many experts now recommend that people turn on two-factor or multi-factor authentication. These add an extra layer of security and give you a chance to confirm your identity.
Multi-factor authentication is a combination of the three things you:
1. know (e.g. a password)
2. have (e.g. your mobile phone)
3. are (e.g. your fingerprint)
This is not always easy to do, so two-factor authentication is a combination of the first two. Both of these are becoming the new industry standard for effective security and can greatly decrease your chances of being hacked.
Password security isn’t something you can just ignore; it’s essential for keeping your accounts and identity safe. If a hacker gains access to your accounts, you could become a victim of identity theft, which can cause not only financial problems but emotional strain as well.