Having a strong and & secure password is crucial in today’s digital world. With almost everything you do online, accounts & passwords will always need to be created and verified across a wide range of platforms and devices.
Therefore we have written a short guide to help you create or adjust your password to help keep your accounts protected and increase your security online.
How Do Passwords Get Hacked?
In order to understand how to secure yourself, you must first have a brief understanding of how passwords can be hacked. Here are a few common methods hackers use to obtain your password and/or personal information.
1. Brute Force Attack: This type of attack attempts to guess every type of combination of words and letters until it matches yours. This is done by automated software and the time it takes is dependent on how strong the password is and whether the password has been breached. The lesson we can take away from this is that the longer and more diverse the password is, the better.
2. Phishing: This is a very common form of hacking that you probably encounter quite often. Hackers use social engineering to trick you into giving them your personal information.
You have probably received some form of a message from an unknown contact or even a fake company/representative that you have either won a prize for a competition you never entered in or requesting personal details from you because you need to authorize your account. Don’t be fooled, if it looks like a scam, it most likely is. Although some are quite obviously scam’s other attempts can be hidden cleverly behind forged documents and fake company details, logos and branding.
The aim of this attack is to trick the victim into unknowingly sending the hacker their personal information, banking details, card numbers, billing address and/or passwords to name but a few. The hacker will then use this information to gain access to that persons or companies accounts across google and social media such as Facebook or Instagram. If this is not a direct attack this information could be added to a database of collected information and used or sold later to other cyber criminals.
Below is an image example of one of the many messages you may come across of cyber criminals attempting to ‘phish” private information from you:
Image source: https://www.komando.com/happening-now/367273/top-story-amazon-phishing-email-could-lead-to-ransomware-attack
3. Password Breaches: This is where hackers have a database containing thousands of passwords that have already been compromised by cyber criminals. Software is then used to automatically match your password to the pre-existing compromised passwords.
What Determines The Strength of a Password?
Now that we have a very basic understanding of how passwords can be hacked. Its time to learn about what a strong & secure password consists of. This will help create your own unique password to protect your accounts with.
Here are some quick-fire tips to achieve this
- Make your password unique: This may seem simple, but we often become complacent when creating accounts across so many different platforms. Remember the saying ‘the chain is only as strong as the weakest link’, this applies to online security too.
Important Tip: Cyber criminals are able to hop from one account to the next using the account that has been compromised to reset passwords and accumulate more personal data about you to use for future attacks.
While we understand that passwords you create need to be something that you can easily remember, this is also risky. Often when we think of hacking, we imagine a hooded figure behind multiple computer screens and devices running code that appears to be from The Matrix, but this often is not the case.
“Hackers” can also obtain this information using your public information, such as important dates (birthdays/anniversaries), names of your favorite pets and loved ones. This personal data is easily obtained by doing quick searches on Google and social media platforms such as Facebook, Instagram and Twitter to name but a few. Therefore if you need to use something personal to remember your password make sure it is something that isn’t displayed publicly on the internet, although we recommend avoiding this entirely.
2. Avoid using sequential numbers or letters : Once again this seems very simple but I’m sure at some point we have all used 12345 behind at least one of our passwords. Other examples to avoid are common memorable key sequences such as QWERTY.
Important Tip: Please whatever you use, do not use PASSWORD
3. The longer the password the better: It is important to keep in mind that the longer the password is the more effective and secure it will be from brute force attacks. Software hackers use is based on algorithms. As with all algorithms, the longer the password is the higher the number of combinations and variations the algorithm will have to process through in order to find a match. While most accounts sign up processes force you to have a maximum of 6 characters, we strongly recommend aiming somewhere between 8-12 for maximum security.
4. Use mixed characters & capital letters: As stated in the previous point, the more variety that your password contains the more secure it is. Use symbols and capital letters to make your password harder to crack.
Now that we have revised areas to avoid, let’s list some methods to ensure we can create a secure password.
Creating A Safe & Secure Password
The Sentence Method:
This is where you write down any sentence you wish. Then only use the first two letters of every word. As we continue to omit certain letters and substitute others, the first sentence you use will be completely unrecognizable from the finished product.
For example: Iron Man is The Best
Using only the first two letters turns the sentence into : IrMaisThBe
From here you can substitute some letters for special characters and numbers to increase the password’s strength:
For example: 1rMa!sThb3
The first initial sentence “Iron Man is The Best” looks nothing like our newly created password: 1rMa!sThb3
Let’s add two more characters to reach our 12-character total:
Password: 1rMa!sThb3@5
As you can see above our password is now 12 characters long. It contains a good mix of capital letters, numbers and special characters. There are no common sequences within the password.
How To Remember Your Password:
Now that your have unique password has been created how will you go about ensuring that you remember it? For this part this is where you will need to spend some time committing your password to memory.
We recommend using good old-fashioned pen and paper to write down your password, using your actual password as a guide. Repeat the process as many times as you need until you start to learn the sequence off by heart. Once you start getting the hang of it, try writing the password down on a blank piece of paper without looking at the page you used to write it down on before. Keep repeating this process and you will have memorized your password in no time!
Keeping Your New Password Safe:
1. As mentioned above we highly recommend not saving this password on any digital device such as a phone, laptop or PC. Keep your password on a sheet of paper as a back-up.
2. DO NOT share this password with anyone. Keeping your password private is crucial.
IMPORTANT TIP: No company, staff member or representative should ever need to request your password from you, as this is against company policy. This includes banks, insurance firms and payment portals to name but a few. If you are unsure of a notification you have received, requesting your account information, we advise you to call the company directly and speak to a representative to resolve any issues you are unsure of.
3. Use Two Factor Authentication: This adds another layer of protection across your accounts as it will notify you when someone has tried to log into one of your accounts by prompting you with a message which will most often be on your mobile device.
4. Use a VPN when using public Wi-fi at places like airports, restaurants and shopping centers.
5. Never send your password over email or any other messaging platforms like WhatsApp, iMessage, Messenger etc.
In Conclusion:
Creating your new secure password might require some time and effort. Although when it comes to keeping your accounts safe this is a valuable initial investment. Prevent your personal details from being stolen. Choose the safe option and secure your accounts with a secure password!
Website Solutions shares blog articles regularly. These cover a wide variety of topics which we feel help educate our clients and the public on technology based information.
Follow us on our Social Media platforms and like and share this post with your friends, family and colleagues.
If you have any further questions don’t hesitate to reach out to us via our website at www.websitesolutions.co.za
You can also email us directly at [email protected] and we will be sure to contact you!