Are Your Passwords Secure?

October 11th, 2020
Are Your Passwords Secure?

Are your passwords secure?

How many times a day do you log in to your accounts that need a password, like Facebook, Instagram, Netflix, and banking apps? Are the passwords you use secure? Probably not! The easiest way for hackers to get your sensitive data is by stealing your passwords. If a hacker cracks a code, they can compromise your complete identity and open new credit cards and drain bank accounts.  Don’t get us wrong, passwords are annoying, especially since you need a different one for each account. In the future, something else will replace them such as face or fingerprint scanners.  But until then, we must use passwords for most things. This means that you should know how to create strong passwords to protect yourself, your business, or the business you work for.

 Why strong, complex passwords are important…..

A strong password is one that is tough for a hacker to crack. Using long and complex passwords makes it stronger and is one of the simplest ways to defend yourself from cybercrime.  A weak password is a simple word that can be found in the dictionary or an easy and commonly used phrase like "password123" or "letmein." Hackers have lists of commonly used passwords. If you use one of these, it’s like having no password at all.  There are a few methods hackers use to crack passwords, and they tend to be more successful on short and simple passwords. A dictionary attack, for example, attempts to match your password to simple words that you would find in the dictionary.                     If your password is somewhat more complex, than a brute force attack may not. A brute force attack simply tries every possible combination. As computers get faster, short and weak passwords get easier for hackers to crack.

 Tips on creating a strong password…..

  • Use a long passphrase. According to NIST (National Institute of Standards and Technology) guidance, you should consider using the longest password/passphrase permissible. You can use a song phrase or a title of a book with some punctuation and capitalization.
  • Make it long and use a mix of upper and lower-case letters, numbers, and symbols. The longer your password, the better. Unless a website limits the maximum length of the password, you should make it much longer — 12 characters is a good length.
  • Be creative. Use phonetic replacements, such as “PH” instead of “F”, or make obvious misspellings, such as “gob” instead of “job.” 
  • Don’t tell anyone your passwords. Every time you share or reuse a password, it opens up opportunities for it to be misused or stolen. 
  • No matter how strong your password, it should never be re-used. Unique account, unique password. This prevents cyber criminals from gaining access to these accounts.
  • Double your login protection. Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for any service that requires logging in.
  • Utilize a password manager to remember all your long passwords. A password manager will help you keep track of your passwords and allow you to create strong passwords for every account. This is the most secure way to store all your passwords. With one master password, a computer can generate and retrieve passwords for every account that you have.

Password don'ts:

  • Don’t make passwords easy to guess. 
  • Avoid using common words in your passwords.
  • Don't use common words or phrases like "password”.
  • Don't ever reuse a password.
  • Don't use your name, birth date, or any other personal information.
  • Do not include personal information in your passwords such as your name or children’s names. This information is often easy to find on social media, making it easier for cybercriminals to hack your accounts.

Using stronger passwords won’t keep you secure from all the cyberthreats out there, but it’s a great first step.  If you need help, reach out to NDSE today!