Cyber Security Awareness Month: Is your password really protecting you?
When we talk about cyber security, we always mention the importance of having a strong password. After all, it is the first line of defense in protecting against cyber criminals. But even as we tell you to have a strong password, we realize that you may be wondering what that really looks like. So we're offering a brief primer on passwords to help you set up an effective defense.
What Does a Weak Password Look Like?
Before you can fully understand what a strong password is, it helps to know what weak passwords look like and why they are so easy for hackers to break through. Weak passwords usually feature at least one of these common components:
Statistics from recent security breaches highlight the issues with using weak password practices. In most cases, 30% of the hacked passwords were 6 characters or less, with 40% using only lowercase characters, 16% using only digits and less than 4% using special characters (such as !*@#$?). Yet most users still utilize unsafe passwords.
An all lower case password that is only 6 characters long can be hacked by a computer within 10 minutes while 6 uppercase characters can be hacked within 10 hours and adding special characters only stretches the time it takes to crack the password to 18 days. Compare that to an 8 character password with special characters. It would take a computer on average 463 years to hack an 8 character password that contains a combination of uppercase, lowercase and special characters.
So What Makes up a Strong Password?
A strong password will be something that's hard to guess, and the more random it is, the more difficult it will be for an individual or a computer to crack. Some characteristics of strong passwords are:
So how can you incorporate the techniques of a strong password into a password that you can actually remember? There are a few different options that work, and one them can work for you.
String together random words
Look around your desk or your office and find a few things that have nothing in common, but that you see every day. For example, maybe your desk looks like this image:
Select a password that is made up of objects on the desk, then, for an added layer of security, add some numbers to the password - perhaps the digits of your gym locker combination or the date you brought home your pet, spread out within the password: 5Mug22Blue15Stapler!
Create a pass phrase:
Your password doesn't have to be actual words - in fact, it's better if it's not - and using a pass phrase that you shorten to just characters and numbers will give you a memorable password that's difficult to guess. For instance:
Uncle Bob runs fast to eat four Carrots! becomes: UBrf2e4C!
Does every Happy boy Like to Eat chocolate for breakfast?becomes: DeHbL2Ec4b?
Of course, it's beneficial to have more than one special character in the mix, so you could also use:
Uncle Bob runs fast to eat four Carrots! becomes: UBrf2e#4C!
But if a seemingly random pass phrase would be too difficult to remember, you could use info about a completely random place that no one would think to guess: MyLibraryis@1095Frost! At 22 characters, that's still an easy enough phrase to remember, but extremely difficult for hackers to crack.
However you choose to create your password and keep it memorable, it's becoming increasingly important that you not only choose a strong password, but that you follow best practices and change your passwords every 3 to 6 months. You should change your password if you have even a suspicion that it's been compromised. Also avoid using the same password for multiple accounts, and never enter it on a machine you don't trust (ie. a library computer or a public access portal).
By taking steps to secure and strengthen your passwords, you're protecting yourself and your sensitive data from cyber criminals. If you have questions about how to further safeguard against cyber security threats, Spud Software is here to help. Contact us at any time to find out how we can assist you in keeping your data secure.