Passwords are critical gatekeepers to our digital identities, allowing us to access online shopping, dating, banking, social media, private work and life communications, and protect our valuable data. In recognition of World Password Day on May 3rd, multi-award winning consumer cybersecurity company, BullGuard, offers some important tips on how to create strong passwords and reminds us why it is so critical to have better password habits.
Many people use simple passwords, such as; ‘1234567’, ‘qwerty’ and even ‘password.’ However, using simple password cracking programs hackers can crack these passwords very easily. These ‘brute-force’ programs make multiple guesses at high speed until the password is fully cracked. The program may take a few minutes or years; it all depends on the complexity of the password. If the password is simple it can be cracked in seconds.
At the same time many people use the same username and password for all of their accounts. Hackers can run programs that enter stolen username and password details on tens of thousands of sites until one hits. When it does, they have access to any number of your accounts and credentials.
You may practice good security on your home computers but organisations that hold thousands and millions of customer records, including user names and passwords, are consistently hacked, exposing all the information they hold. This data is typically put up for sale in the hacker underground.
Good password practice
Some of the easiest-to-remember passwords aren’t words at all but collections of words that form a phrase or sentence. This could be the opening line of a novel, a poem or even a song, sometimes with some numbers and symbols thrown into the mix.
Complexity is good, length is also critical. It used to be that an alphanumeric password only 8-10 characters in length was ideal. But these days, it’s increasingly easy for hackers to build extremely powerful and fast password cracking tools that can run through tens of millions of possible password combinations in a second. Each character you add to a password makes it an order of magnitude harder for hackers to attack via brute-force methods.
• Don’t use the same password on multiple websites. If a website is sensitive, that is, it stores personal information such as name, address and card numbers, this information can be used to make purchases in your name.
• Don’t use the password you use for your email account at other online sites. If an e-commerce site you are registered with gets hacked, there’s a high chance that your password, once cracked will be tried for other accounts, including your email.
• Do use two factor authentication if available. Most online services now offer this and it works by adding an additional layer of security to your personal accounts. This can help reduce the risk of particularly nasty cyber-crime like identity theft, phishing scams and online fraud.