What Is a Password? Common Password Mistakes to Avoid


Have you ever wondered what a password is and why we need one? In this guide, we cover every detail you need to know about passwords. Compromised passwords are very valuable to cyber attackers who want to gain unauthorized access to systems. According to research published by Verizon in 2017, cyber attackers used stolen or guessed passwords in 81% of the attacks.

Another important feature of attacks using passwords is that existing cyber security solutions such as antivirus cannot notice them, since they usually do not use malware.

What Is a Password?

A password is a string of characters used as a secret key to access a computer system or network. In general, these characters include a combination of letters, numbers, and symbols.

What Is the Importance of Secure Passwords?

Passwords are used for everything we do online. They serve as an extra protection layer for our identities and personal information on websites, discussion groups, email accounts, and much more.

For example, on a computer used by more than one user, the administrator creates a unique account for each user to keep the accounts secure, and the system requires a separate password to log into each account. We also use passwords for banking transactions and secure shopping.

It is very important to create and use strong passwords to prevent identity theft and protect sensitive information. Passwords are the most basic protection against cybercriminals. Hackers try to gain unauthorized access to a computer or secure account by guessing the password. Even the strongest passwords can be guessed with sufficient time, skill, and computer processing power.

As a result, using strong passwords is very important to buy time and hold off cyber attackers.

What Can You Do for Secure Passwords?

The most important thing to avoid while creating a password is the use of simple words such as "password". These are commonly used passwords, and they are quite easy to crack.

Automated hacking software can guess them quickly. This is why you should avoid using simple words in your passwords. Here are some tips that you can follow to ensure the security of your password:

  • Avoid using words available in dictionaries.
  • Avoid using the reversed spelling of words available in dictionaries.
  • Do not use words or information that can be learned in your everyday interactions, for example your nickname, pet’s name, birth date, or other personal information.
  • Regardless of their formats, avoid using dates and sequences of keys such as 123456.
  • Do not share your password recovery question with anyone.

Lastly, do not keep your passwords on your computers. Passwords kept on computers are the easiest targets for hackers.

What Should You Do to Create Strong Passwords?

The best password is the password you can easily remember without hesitation. Of course, you need to have a separate password for each account. That way, if hackers crack one password, they cannot access your other accounts.

Here are some tips that you can follow to create strong passwords:

  • Use your favorite poems, songs, authors, or books with their page numbers. For example, DaA485DB (Demons and Angels – 485 – Dan Brown)
  • You can replace letters with numbers that look similar to them. For example, wh4t’supm8 (what’s up mate), f33!1ngg00d (feeling good)
  • You can also use a random password generator.
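A random password generator of the kind mentioned in the last tip, as an added example that is not part of the original article. It draws from the operating system's secure random source, guarantees the four character classes the article asks for, and reports the resulting strength in bits; the symbol set and the function names are assumptions.

```python
import math
import secrets
import string

# Character classes the article asks for: uppercase, lowercase, digits, symbols.
CLASSES = (
    string.ascii_uppercase,
    string.ascii_lowercase,
    string.digits,
    "!@#$%^&*()-_=+[]{};:,.?",  # assumed symbol set; adjust to what the site accepts
)
ALPHABET = "".join(CLASSES)


def generate_password(length: int = 16) -> str:
    """Return a random password with at least one character from every class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    # One guaranteed character per class, the rest drawn from the full alphabet.
    chars = [secrets.choice(cls) for cls in CLASSES]
    chars += [secrets.choice(ALPHABET) for _ in range(length - len(CLASSES))]
    # Shuffle with the OS CSPRNG so the guaranteed characters are not at fixed positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


def entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Upper bound on guessing work for a uniformly random password, in bits."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    pw = generate_password(16)
    print(pw, f"(about {entropy_bits(16):.0f} bits)")
    # Compare a six-letter lowercase password with a 16-character generated one.
    print(f"6 lowercase letters: {entropy_bits(6, 26):.1f} bits")
```

Each extra bit doubles the number of guesses an attacker needs, which is why length matters more than any single substitution.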

Common Password Mistakes to Avoid

If you rely only on your passwords to ensure the security of your computer, mobile devices, and accounts, then the following information is for you. We have discussed details about passwords, and now we are going to emphasize what you need to avoid while creating them.

As we mentioned before, strong passwords are your first line of defense against hackers and cybercriminals trying to gain unauthorized access to your accounts.

Despite this fact, many people neglect the importance of their passwords. Thus, we are going to explain the most common password mistakes people make.

Very Short Passwords

About a decade ago, passwords made of five or six characters used to be secure enough for many users. However, the processing power of computers has increased astonishingly in the last few years. As a result, today passwords made of six characters are considered as bad as not having a password at all.

You need to make sure that your new password is at least eight characters long, but ten to twelve characters are recommended. It is always a good idea to prefer passwords made of 14 to 16 characters for accounts such as your bank account.

It is worth noting that the IT staff of many organisations generally use passwords of at least 30 characters for important systems. This can be a great example to give you an idea about the importance of length.

Weak Passwords

If your password is 123456789056 or abcdefghijkl, it will not matter even if it has 12 characters. Cyber attackers try such passwords as a priority. Even common phrases such as youcandoit or nothingisimpossible are among the first passwords that hackers try.

Hackers have private dictionaries that include millions of examples of the most common passwords and their variations. They can crack these simple passwords and their variations in only minutes, and sometimes in seconds, by using a home computer.

In fact, it is a good idea to check the most common password lists to make sure that you do not use one of them. Besides including numbers and symbols, a strong password must contain both uppercase and lowercase letters.

Such passwords will slow down the attempts of hackers. However, modern computers are fast enough to try such combinations and crack the passwords in a few hours or maybe days. Besides being strong, your password must be rare too.
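The checks described so far (length, common passwords, dictionary words and their reversed spelling, sequences, dates, and character classes) can be combined into a small audit function. This is an added example, not part of the original article; the word lists are short constructed samples, and the date check is simplified to four-digit years.

```python
import re

# Constructed sample lists; a real audit would load a published
# common-password list and a full dictionary instead.
COMMON = {"password", "123456", "youcandoit", "nothingisimpossible", "qwerty"}
WORDS = {"password", "dragon", "monkey", "summer", "welcome"}
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "01234567890", "qwertyuiop", "asdfghjkl")


def has_sequence(pw: str, run: int = 4) -> bool:
    """True if pw contains `run` consecutive characters of a known sequence,
    forwards or backwards."""
    low = pw.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            if any(s[i:i + run] in low for i in range(len(s) - run + 1)):
                return True
    return False


def audit(pw: str) -> list[str]:
    """Return the mistakes from the article that pw commits (empty list = none found)."""
    low = pw.lower()
    problems = []
    if len(pw) < 8:
        problems.append("too short")
    if low in COMMON:
        problems.append("common password")
    # Dictionary words, including their reversed spelling.
    if any(w in low or w[::-1] in low for w in WORDS):
        problems.append("dictionary word")
    if has_sequence(pw):
        problems.append("keyboard or character sequence")
    # Simplification: only four-digit years 1900-2099 are treated as dates.
    if re.search(r"(19|20)\d\d", pw):
        problems.append("looks like a date")
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    if not all(re.search(c, pw) for c in classes):
        problems.append("missing character class")
    return problems


if __name__ == "__main__":
    for candidate in ("123456789056", "abcdefghijkl", "youcandoit", "drowssaP1!"):
        print(candidate, "->", audit(candidate))
```

An empty result only means none of these specific mistakes was found; it does not prove the password is rare.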

Instead of randomly pressing the keyboard, you need to try a method that will make your passwords easier to remember. For example, try a random-looking password based on a famous phrase, a quote, or the lyrics of your favorite song.

Here is an example:

“You only get one shot, do not miss your chance to blow”

Now let’s take the first character of each word: yogos,dnmyctb

After that replace some letters with symbols and numbers: y0g0$,dn8yctb

Now add the name of the song, which is Lose Yourself and capitalize some letters:


This is a great method to create new passwords that you will not easily forget. However, if you have dozens of passwords, it may be challenging to remember each of them with this method. This brings us to the third mistake.

Same Passwords

As you make your passwords longer and more complicated, it may seem to make much more sense to use the same password for all accounts. That way, all you need to do is remember just one password.

Unfortunately, if you do so and a hacker cracks your password, he or she will gain access to all your accounts. This is why you need to create a separate password for each account you own.

As we mentioned before, it will be challenging to remember all these passwords, and this brings us to the fourth mistake.

Writing Down Your Passwords

Many people create strong and unique passwords. After that, they write them down on a piece of paper so as not to forget them, and leave the paper on their desks. Some people even write their passwords in notebooks which they leave lying around.

A hacker may not be able to find this notebook, but what about your friends or family members? Or perhaps someone breaks into your house and acquires your passwords. If the thieves are smart enough, they may cause lots of problems for you.

Instead of writing down your passwords, get a powerful password manager. This is software that keeps all your passwords secure, and you can access it with a single password.

Some of these applications can also create dozens of unique passwords, and all you will have to do is remember one password to access them all. There are many password managers developed for this purpose, and most of them have free versions too.

Not Changing the Password

You may have heard the advice that you need to change your password once every 6 months, 3 months, or every month. Many studies on cyber security also back this advice. This means that it is a good idea to change your passwords regularly.

Of course, it will be quite annoying to change your passwords regularly. This will lead many people to create weak passwords or use the old passwords again and again.

In addition, you need to spare time to check your passwords and update the ones you have not changed for many years. It is highly possible that your old passwords fall under some of the above-mentioned password mistakes.

If you would like to have a detailed audit of the passwords of your employees or increase their awareness, we can help you. You can contact us at any time to get information or receive a free quote.
