Cyber Security Awareness Month: Is your password really protecting you?
When we talk about cybersecurity, we always mention the importance of having a strong password. After all, it is the first line of defense in protecting against cyber criminals. But even as we tell you to have a strong password, we realize that you may be wondering what that really looks like. So we're offering a brief primer on passwords to help you set up an effective defense.
What Does a Weak Password Look Like?
Before you can fully understand what a strong password is, it helps to know what weak passwords look like and why they are so easy for hackers to break through. Weak passwords usually feature at least one of these common components:
- Short passwords (6 characters or less)
- Words in the dictionary (password)
- Your name or the names of close family members, friends or pets
- Simple keyboard patterns (ie. qwerty123) or strings of numbers (123456)
- A repeated character or series of characters (AAAAAA, IOIOIO)
- Adding 123 at the end of common words or names (software123)
- Previously used passwords
- Personal information (phone numbers, addresses, birthdays)
Statistics from recent security breaches highlight the issues with using weak password practices. In most cases, 30% of the hacked passwords were 6 characters or less, with 40% using only lowercase characters, 16% using only digits and less than 4% using special characters (such as !*@#$?). Yet most users still utilize unsafe passwords.
An all lower case password that is only 6 characters long can be hacked by a computer within 10 minutes while 6 uppercase characters can be hacked within 10 hours and adding special characters only stretches the time it takes to crack the password to 18 days. Compare that to an 8 character password with special characters. It would take a computer on average 463 years to hack an 8 character password that contains a combination of uppercase, lowercase, and special characters.
So What Makes up a Strong Password?
A strong password will be something that's hard to guess, and the more random it is, the more difficult it will be for an individual or a computer to crack. Some characteristics of strong passwords are:
- At least 8 or more characters. The more you use, the harder it is to crack.
- A mixture of uppercase and lowercase letters, numbers and special characters. (A 9 character password that utilizes numbers and special characters could take up to 44,530 years to crack!)
- No obvious substitutions, ie: J0hn$m1th
- Unique phrases or combinations of letters
We understand that not everyone wants to use a completely random password (such as SdM*63r7$#alx) as these can be incredibly difficult to remember. If you have to write a complex password down and store it near you're computer, it's no longer a strong or safe password.
So how can you incorporate the techniques of a strong password into a password that you can actually remember? There are a few different options that work, and one them can work for you.
String together random words
Look around your desk or your office and find a few things that have nothing in common, but that you see every day. For example, maybe your desk looks like this image:
Select a password that is made up of objects on the desk, then, for an added layer of security, add some numbers to the password - perhaps the digits of your gym locker combination or the date you brought home your pet, spread out within the password: 5Mug22Blue15Stapler!
Create a passphrase:
Your password doesn't have to be actual words - in fact, it's better if it's not - and using a passphrase that you shorten to just characters and numbers will give you a memorable password that's difficult to guess. For instance:
Uncle Bob runs fast to eat four Carrots! becomes: UBrf2e4C!
Does every Happy boy Like to Eat chocolate for breakfast? becomes: DeHbL2Ec4b?
Of course, it's beneficial to have more than one special character in the mix, so you could also use:
Uncle Bob runs fast to eat four Carrots! becomes: UBrf2e#4C!
But if a seemingly random passphrase would be too difficult to remember, you could use info about a completely random place that no one would think to guess: MyLibraryis@1095Frost! At 22 characters, that's still an easy enough phrase to remember, but extremely difficult for hackers to crack.
However you choose to create your password and keep it memorable, it's becoming increasingly important that you not only choose a strong password but that you follow best practices and change your passwords every 3 to 6 months. You should change your password if you have even a suspicion that it's been compromised. Also, avoid using the same password for multiple accounts, and never enter it on a machine you don't trust (ie. a library computer or a public access portal).
By taking steps to secure and strengthen your passwords, you're protecting yourself and your sensitive data from cybercriminals. If you have questions about how to further safeguard against cybersecurity threats, Spud Software is here to help. Contact us at any time to find out how we can assist you in keeping your data secure.
We'd like to introduce you to Corina! Corina is a sweetheart of a cat who is about a year old and is a friendly social butterfly. She gets along with cats and dogs and she'd love to join your forever family.
If you're interested in adopting James or any of the other residents at Lucky Day Animal Rescue, visit their website and fill out an adoption form. You can make it some animal's Lucky Day!
Spud's owner Derek Sommer was spotted sporting his favorite Spud gear at the last concert of the year at DTE. It looks like everyone had a great time before the concert started. We hope they enjoyed the music just as much.
Have you seen a Spud shirt lately? Send us a picture to be featured in our newsletter!
"Perseverance is not a long race; it is many short races one after the other."
- Walter Elliot