Have you ever wondered how strong your passwords really are? Are eight characters enough, or should you use twelve? Neither is necessarily the “right” answer.
This is due to password cracking. Password cracking is a method of attack where cybercriminals attempt to “crack” or steal passwords from their victims, and it is very effective.
But first, let us backtrack a little and define what a password is. Passwords are secret data, usually in the form of a string of characters, that are used to authenticate and confirm a user’s identity. Passwords have many use cases, including online banking, user accounts such as Facebook and Twitter, and accounts used for work. They are unique to the individual user and should only be memorized and used by the owner of the account.
Passwords are often created with a mixture of different characters such as uppercase and lowercase letters, numbers, and special characters.
If you are frequently online and utilize usernames and passwords, you likely understand how important they are and what they are meant to protect. The real question is, how secure are your passwords? Can your passwords be easily cracked? How would you know?
Over the past few years, there has been a significant increase in account breaches, and the root cause of most of them is weak passwords. The consequences can be devastating. Once a cybercriminal has breached your personal or professional business account, they can access sensitive data, which can then be used for malicious purposes. By gaining access to these accounts, hackers can collect data such as:
- First and Last Name
- Home Address
- Postal Code
- Date of Birth
- Social Security Numbers
- Banking info
- Medical records
- Much more
All of this information can be used to steal the victim’s identity, which can then lead to identity theft and fraud.
What can you do? How do you ensure that your passwords are uncrackable?
Things to avoid:
- Avoid using any personal information in your password, such as:
  - Dates of birth
  - Pet names
  - Names of family members, friends, or loved ones
- Avoid using the text “password” when creating a password
- Avoid sharing your password
- Avoid any keyboard patterns and sequences such as:
Things to ensure:
- Use an uppercase character
- Use a lowercase character
- Use special characters
- 12 or more characters in total (minimum)
- Change your password every 30-90 days
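The two checklists above can be turned into an automated check. The following is an added example, not part of the original article; the function name `check_password` is hypothetical, and the keyboard patterns are assumed samples because the article does not list any.

```python
import re

# Assumed examples: the article names keyboard patterns and sequences as
# something to avoid but lists none, so these are constructed samples.
KEYBOARD_PATTERNS = ("qwerty", "asdfgh", "zxcvbn", "123456", "abcdef")
MIN_LENGTH = 12  # the article's stated minimum


def check_password(password, personal_info=()):
    """Return a list of rule violations; an empty list means every rule passed."""
    problems = []
    lowered = password.lower()

    # Things to avoid
    if "password" in lowered:
        problems.append('contains the text "password"')
    for item in personal_info:
        # Match the item as typed and with separators removed (e.g. dates).
        tokens = {item.lower(), re.sub(r"[^a-z0-9]", "", item.lower())}
        if any(len(t) >= 3 and t in lowered for t in tokens):
            problems.append(f"contains personal information: {item}")
    for pattern in KEYBOARD_PATTERNS:
        # Also catch the pattern typed backwards.
        if pattern in lowered or pattern[::-1] in lowered:
            problems.append(f"contains keyboard pattern or sequence: {pattern}")

    # Things to ensure
    if not re.search(r"[A-Z]", password):
        problems.append("no uppercase character")
    if not re.search(r"[a-z]", password):
        problems.append("no lowercase character")
    if not re.search(r"[^A-Za-z0-9\s]", password):
        problems.append("no special character")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for sample in ("Rex2015!", "MyPassword123456!", "Violet-Canyon7-Harbor!"):
        print(sample, "->", check_password(sample, ("Rex", "2015-06-01")) or "OK")
```

Passing these rules only shows that a password avoids the listed mistakes; it says nothing about whether the password has already appeared in a breach.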
What else can you do?
Passphrases, which are strings of words put together, can also be used to create a longer and more complex password. These are often easier to remember but are extremely difficult to guess. A passphrase containing uppercase and lowercase letters, numbers, and special characters that is more than 12 characters long ensures that it cannot easily be breached by cybercriminals.
The best option to guarantee the strongest passwords is a password manager. Password managers let users safely store all their credentials and passwords inside one account. Many of them offer a password generator, which produces a random string of characters based on the user’s choice of password complexity: whether to include special characters, and how many characters the string should contain.
Credentials stored in these password managers are often hidden, and the user has the option to copy and paste them without seeing the text or being forced to remember it, which is one of the underlying benefits of a password manager.
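A sketch of how such a password generator can work, with the two options described above (length and whether to include special characters). This is an added example, not code from the original article or from any particular password manager; `generate_password` and its parameters are hypothetical names.

```python
import secrets
import string

MIN_LENGTH = 12  # the article's recommended minimum


def generate_password(length=16, use_special=True):
    """Generate a random password containing every selected character class."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")

    classes = [string.ascii_uppercase, string.ascii_lowercase, string.digits]
    if use_special:
        classes.append(string.punctuation)
    alphabet = "".join(classes)

    while True:
        # secrets draws from the operating system's CSPRNG; the random
        # module is predictable and must not be used for credentials.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: discard candidates missing a class instead of
        # forcing one character per class into fixed positions, which
        # would make the result less random.
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate


if __name__ == "__main__":
    print(generate_password())                       # 16 chars, with specials
    print(generate_password(24, use_special=False))  # 24 chars, letters and digits
```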
Avoid reusing the same password across your accounts. Reusing a password puts accounts at great risk: if one account is breached and its password compromised, a cybercriminal will almost always try that password on other accounts that they may have discovered. Always use a unique password for every account that you manage.
Still think your password is strong enough?
The graph below illustrates how long it would take for a password to be cracked (compromised) using a password cracker.
As you can see, the longer and more complex a password is, the longer it takes to crack it. We highly encourage readers to fully consider the strength of their passwords, as this can protect their accounts from being breached.
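The relationship between length, character variety, and cracking time can be worked out directly. This is an added example, not part of the original article: it models exhaustive guessing only, and the guessing rate is an assumed figure, so the absolute times are illustrative.

```python
import math
import string

# Assumption: guesses per second for an offline attack. Real rates vary
# widely with the password hashing algorithm and the hardware used.
ASSUMED_GUESSES_PER_SECOND = 1e10

CHARACTER_CLASSES = (
    string.ascii_lowercase,  # 26 symbols
    string.ascii_uppercase,  # 26 symbols
    string.digits,           # 10 symbols
    string.punctuation,      # 32 symbols
)


def alphabet_size(password):
    """Size of the character pool implied by the classes the password uses."""
    return sum(len(cls) for cls in CHARACTER_CLASSES
               if any(ch in cls for ch in password))


def entropy_bits(password):
    """Upper bound on entropy; only valid if the characters are random."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0


def average_crack_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """On average, half the keyspace is searched before a hit."""
    return alphabet_size(password) ** len(password) / 2 / rate


def humanize(seconds):
    units = (("years", 31_557_600), ("days", 86_400), ("hours", 3_600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:.1f} {name}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("abcdefgh", "Abcdefg1!", "Tr7!kq9#Lm2$", "Violet-Canyon7-Harbor!"):
        print(f"{pw:24} {entropy_bits(pw):6.1f} bits  "
              f"{humanize(average_crack_seconds(pw))}")
```

These figures are a ceiling: a password built from dictionary words, names, or keyboard patterns falls far sooner than its length and character mix suggest.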
Your passwords can be easily cracked by highly experienced cybercriminals, and it is the user’s responsibility to make sure that this does not happen. Using convenient passwords that are easy to remember and easy to crack is careless and should be avoided at all costs.
When creating a password, ensure that:
- You do not reuse your passwords
- You change your passwords every 30-90 days
- You never give your passwords to anyone
- You make your passwords as strong as possible, with:
  - Uppercase and lowercase letters
  - Special characters
- You use a password manager
- You use passphrases to create strong passwords