In the real world, if you want to access sensitive data such as your bank account or medical data, for example, you have to show your ID to officials. Firstly, your ID at least has your full name and a photograph, etc.
Now, moving your attention from offline to online world, you may think of your full name as a login and your photo as a password. So if someone looks exactly the same as you, they could use your documents to get access to your private data. That’s the same thing with passwords.
Your login may often be publicly known, however your password is the thing that keeps your account and personal data private and secure. So let’s imagine that 98% of people look the same and almost everyone has the same face and the same photo in their passwords.
That is exactly what happens in the realm of digital identities. Recent password statistics show that today an average person spends about 11 hours online per day and most of the websites or online resources people use daily, from social networks to email are secured using a simple password.
These passwords are usually too simple, believe it or not, and most people’s passwords aren’t very good at all. They’re so bad to such an extent, that when you hear someone’s account was hacked, usually it means their password was simply guessed. Yes, you got it right – guessed – the list or database of the 10,000 most common passwords used by internet users can access more than 99% of all accounts out there.
This list is commonly known and available to anyone. You can literally just google for “most common passwords list”, and you’ll get an idea how bad the situation is. Most people tend to repeatedly use the same easy to guess passwords, over and over again. We’re talking for several services at the same time.
Ask yourself how many services you use that have the same password for your accounts, despite the fact that you know weak passwords can lead to personal data theft.
So, what represents a strong password?
Let’s now go and take a look at how we can enforce our passwords and how easily passwords can be hacked. First, let me explain what the common methods that hackers try, in order to discover yours or other victims passwords. These attackers often attempt to log into accounts by simply guessing likely words, such as their surnames, pet names, birth dates, children’s names, their town or city, and other commonly public information.
Then we have online and offline dictionary attacks, this is where the attacker uses an automated program that includes a database of possible passwords. The program continually attempts to log on to the desired service, using a different password from the database file.
A brute-force attack this is a variation of the dictionary attacks however it is intended to determine passwords that may not be included in the text file used in those attacks despite a brute force attack can and sometimes ease down online due to network bandwidth and latency they are often done offline using a copy of the target systems password file or database.
Attackers can easily access databases and special hacker scripts that will easily generate encrypted versions of passwords, and then automatically compare them to the values in the password file, and at very fast rates too.
Each of the above password attack methods can be either significantly slowed down or stopped entirely, just by ensuring that you always use a very strong password. Ideally, all computer users should consider network and cloud security and use strong passwords for all of their computer accounts. Fortunately, it isn’t hard to create a good strong password.
So, what makes a good password?
It should be easy enough to remember. Most devices recommend that you shouldn’t write the password down, however I don’t agree with that. To enter your password quicker, it is in fact better to memorize it. However, if you are going to use different strong passwords for every account and you don’t trust password managers, and you don’t have a phenomenal memory you will have to write it down.
However, it actually could be one of the most secure ways to save your passwords. Yes it is not a good idea to write them in plain text, you will have to find your own way to sort of cypher or modify your passwords before you write them down, so that only you can read them and tell what account does it work for.
Always use at least 10 characters. It takes a day to crack an eight character password, and in most cases well it takes about 591 days to crack a 10 character password. That is why it is recommended that you use passwords of at least 10 characters or more and change them regularly, at least twice a year.
You should always use a mixture of characters and cases. It is a very good idea to use a mixture of uppercase letters, lowercase letters, one or more numbers and at least one or two special characters.
What makes a bad password?
However, to make up a truly strong password it is not only essential to bear in mind what you’ve already heard however you should also be aware of what to avoid in creating a password.
You should always avoid names of any kind. These include your login name, your own name or a family member name, any pet’s name, your city or any other name on this planet. Personal information such as your phone number, address, birthday, license plate number, your PIN or social security number.
Any words that are contained in an English or foreign language dictionary. You should never ever use ordinary words that can be found in the dictionary, regardless of the language.
Take your time to create strong passwords for each of your main accounts, and start a habit of changing them frequently. Protect your data and accounts at all costs, and be ready to keep an eye out for any attempts to hack your accounts.