Is Your Password Secure Enough?

There is a good reason why Netflix warns users to change their passwords. When successful giants like LinkedIn, Google, eHarmony, Yahoo and many more have had problems with security breaches and cracked passwords, one should seriously consider creating a stronger password. In this new era of cybercrime, no one is safe from potential hack attacks and keyloggers. Typing “incorrect” or “I don’t know” as passwords may be humorous to some, but they are extremely insecure. And security is, by no means, a laughing matter. If you think those passwords are bad, check out this list of the 10 worst, and insecure, passwords on the internet*:

  1. 123456 (#1 for the 3rd straight year)
  2. password (#2 for the 3rd straight year)
  3. 12345
  4. 12345678
  5. football
  6. qwerty
  7. 1234567890
  8. 1234567
  9. princess
  10. 1234

Of course there are methods of creating a more secure password, but still, concerning massive digital breaches lately, we can do more than just steering clear of the “popular” cliché’s like “qwerty123” or “loveme123456”. Six letter passwords do not withstand high-quality cracking software either. So here are a few things to consider when making your password more secure:

Length and complexity

In this fast-paced digital era, today’s computers are extremely quick and efficient, compared to machines of a decade ago. This means it is much easier today for a cyber criminal or hacker to make quick work out of an unsuspecting victim’s professional or personal info. Millions of password leaks are being reported consistently, yet so many simply refuse to understand why password length and complexity are so important.

A minimum of eight characters in a password is considered, in some circles, to be sufficient. But we recommend that you consider 16 to 20 characters, or more. One should make easy-to-remember sentence passwords, random phrases or even song lyrics as it should be more than enough for tighter security for your networks and devices.

Thinking outside the box is key. Even if popular articles suggest unique ideas for your password, it is not a good idea to take them for granted. Invent your own pattern which only you will remember. Hackers tend to keep updated on latest trends. They are informed about popular patterns and will be more than happy to try out these password hints.

Password patterns

There are a lot of Star Wars fans in the world with solid knowledge of the franchise and universe. Hackers know this. They also know that “maytheforcebewithyou”, for example, is a common estimate when attempting to hack someone’s password.

Master Yoda would recommend using the standard mixture of upper-case characters, symbols and numbers. However, this practice is complex and you should not use the same difficult password with all your accounts. If thieves get their hands on one password, you can bet they will use it on your other accounts.

Additionally, a 2013 research study for Federal Defense Advanced Research Projects Agency, by Korelogic reports that there is a common pattern in the upper-case, symbol, and number passwords that people use. The pattern goes like this: first character is upper-case, followed by 5 or 6 lowercase, then 3 numbers or year of birth. The common mistakes are putting a first upper-case letter, ending the password with an exclamation mark and not scattering the numbers between the characters.

Our advice would be to utilize a multiple word phrase with approximately 16 characters, or more, made up of random words. For example, “correcthorsebatterystaple”, which is comprised of four common english words, but considered so random that in order for any hacking script to try and decipher it, 550 years with 1000 guesses per second would be needed.**

Are You Writing your passwords down?

Notepads won’t cut it either. Unique passwords are tough, so people typically write them down. Many people make the mistake of leaving notes with credit card passwords in their wallet or in a drawer. While cyber thieves don’t have the technology to access your bits of paper, your family members, roommates, colleagues, maintenance personnel and others do. And this probably goes against most businesses security best practices.

This is where password manager programs can help. The simple software utilizes a Master Password method of keeping your invaluable passwords with a single phrase. One can build extremely secure and unique passwords and will only need to remember one password to retrieve them. Programs like 1Password, Keepass, Dashlane, LastPass, Sticky Password and others, can save precious info and ultimately, time and money.

Changing your password

It should be noted that this is not exactly the most proper method for dealing with cyber breaches. Changing it every 2-3 months is not always the best idea because you will have to remember each and every password. You should only change your password if there has been a massive security breach on the website or service, so you should stay updated on the latest news.

Security questions are just as important. The strongest password can and will crumble because of a weak security answer. The questions usually are your mother’s maiden name, the city you were born in, and catastrophe can occur if hackers have this info. All of which can be easily obtained by Facebook or other leftover info on social media, depending by your privacy settings.

Taking things in account

To sum up, there is no foolproof method of creating an absolutely secure password. We can only make the effort to strengthen these passwords and protect our networks and vital information.

– Always make unique passwords with memorable combinations of words, symbols and numbers that do not resemble the common patterns like “Doolittle1982!”, or “7LittlePiglets#”.

  • Always use long, 16-character passwords which are complex enough but easy to remember
  • Never type your name, address, or year in your password
  • Consider using a password manager
  • Unless you’re living alone, do not write down passwords on sticky notes
  • Avoid using 12345 number string combinations
  • Avoid using the Top 25 Worst Passwords, according to SlashDot
  • * From SplashData “Worst Passwords of 2016”
  • ** TheVerge.com article “Best practices for passwords”