The Internet has made our lives easier, but it has also made us more vulnerable. Are your passwords making you more vulnerable?
We can access our bank accounts online, shop from our homes and offices, watch our favorite shows, and interact with family and friends through social media. We can sell our product or service to others or on behalf of the company we work for. Each of these access points requires us to have a login name and password, also known as credentials. Many people use the same credentials to login to these various sites (access points) because it’s easy for them to recall it from memory, but if a data breach has exposed your login name and password, it makes all of your online accounts vulnerable.
Data Breaches Happen
In the news, you hear about data breaches in which hackers gain access to credentials from popular sites, but did you know they attempt to breach accounts all day long, 24/7, every day of the year? To hackers, it’s a full-time job. For every popular site they hack, it’s highly probable that less popular sites suffer the same fate. Exposure of your credentials is possible from big or small sites.
Is Your Password Easy to Guess?
When popular sites are hacked and passwords revealed, what’s found is alarming. The two most common passwords used on the Internet in the past decade are “password” and “123456”. Others are “abc123” and “qwerty”. People use easy to remember combinations such as celebrity names, sports teams and terms, pop culture terms, and simple keyboard patterns such as “!@#$%^&*”. The latter looks difficult, but it is created simply by holding the Shift key down while entering the numbers 1 through 8.
Triple encryption won’t protect you when a password is too simple, or it is obtained through a data breach. The word “password”, encrypted or not, is still too simple. A password obtained from a data breach is already known.
Software Not Humans Guess Passwords
Humans are not trying to guess your password. Software is. You might imagine that a person sits at their desk, at their computer, typing login credentials until they gain access to someone’s account, but that’s not what happens. Professional hackers use software which automates their attempts to access accounts.
Password cracking software can try hundreds of thousands of password combinations in a short period of time. One piece of software boasts 103,000 password attempts per second over the Internet. If your password is too simple, too short, or already exposed, the software will figure it out quickly.
What is a Secure Password?
Two major studies, in 2014, claimed that a secure password should be at least twelve (12) characters long. In addition, avoid words found in the dictionary. A password should have both upper and lower-case letters, and should contain one or more symbols, if allowed.
Here are examples of strong passwords, “tV56Rt^mA9x2” and “Pb47-j6!OvT9”. Both have twelve characters which would provide a real challenge for those trying to crack it. Some people prefer to use longer passwords, at sites that allow it, so they use pronounceable words such as “MorgMainsBulleds59”. Although these passwords are secure, many people still use them across multiple sites and, if one site is compromised, it makes your account at all the sites vulnerable.
One Password per Site is Possible
There’s a better solution to manage passwords that gives you the ability to remember only one strong password while assisting you in generating and managing strong, unique passwords on multiple sites.
Password management software such as 1Password or LastPass offers secure storage of passwords for use across all of your devices. These products also store digital records, such as Wi-Fi passwords, email passwords, credit cards, software licenses, passports, secure notes, and more, making them more than just password managers. Optional family and business plans help keep your family and company safe.
Please don’t take using secure passwords lightly. If it is too simple, it won’t be safe in today’s world.
The passwords displayed in the examples above are now public so please don’t use them.