Creating a strong password can be an administrative nightmare. You could end up with hundreds of accounts with numerous usernames and passwords. The average number of passwords for online users is 26 per person. Keeping track of them and ensuring they are all hack-proof can be an excel spreadsheet juggling act.
Create a strong password because hackers are real
When we don’t know how to create a strong password, we either use the same passwords for different accounts or create similar versions of the same password. Although this approach may seem safe, just remember that hackers are real.
Hackers start with targeting common passwords like ‘admin’ or ‘password’ or passwords that begin with a capital letter.
If you want to check if your passwords have been breached, visit this website haveibeenpwned.com.
What hackers are capable of in 0.3 milliseconds
Hackers are getting more intelligent and innovative and realise that most web users don’t really know how to create a strong password.
They target the simplest, most common passwords first. After that, they move on to passwords with the least amount of characters. The more characters you use in a password, the harder it is to break. It has been discovered that a password with 7 characters will take about 0.3 milliseconds to crack. Still, a password with 12 characters can take up to 200 years to break.
Think of a safe with a combination lock. If you used your birth date for the code and a safecracker has this information from your facebook page, no problem breaking in. But if you used a combination of eight numbers randomly selected by rolling a dice, then it’s not so easy to break.
Different types of hacking attacks and creating a strong password
We could write an entire article on the different types of attacks you may experience. Here is a snapshot of the most common attacks and some tips on how to safeguard against them:
1. Keylogger attacks
This is the action of recording the keystrokes a person is making while typing on their keyboard.
After creating a strong password use a manager, like 1-password which auto-fills the information.
2. Brute force attacks
In this attack a bot uses common passwords like ‘password’ or ‘1234’ and enters them into your login page. Over time, there are multiple attacks, and if the bot hits the correct password, they are into your account.
Use a lockout policy. If, for example, there are three failed login attempts, it locks out anyone from entering a password again until reset.
3. Dictionary attacks
With a dictionary attack a bot uses all the words from a dictionary and enters them into your login page. Over time, there are multiple attacks, and if the bot hits the right word, they are in. Just ask LinkedIn. LinkedIn had six million passwords hacked in 2012. Make sure you create a password when using LinkedIn.
Don’t use predictable words or shared passwords.
4. Phishing attacks
Hackers masquerade as ‘legitimate’ businesses and get users to open attachments, click on links or download malicious files.
Never click on links, download files, or open attachments from unknown senders. Always verify payment and update bank detail requests by calling your service provider to confirm an email. Also, never email personal or financial information even to those you trust, as your email could be intercepted.
How to create a strong password in a practical way
1. Use your web browser to create a strong password
Your favourite web browsers now offer random password suggestions when creating a new account on any platform.
2. Use an excel spreadsheet or calculator
Go mad typing random letters, numbers and symbols into different blocks in an excel spreadsheet or on a calculator to create a strong password. Spread your fingers across your keyboard to avoid common typing patterns.
3. Mix things up
Use letters both small and capital letters. Avoid typical capital letters, e.g. using capitals at the beginning of a password.
4. Use numbers and symbols
Use a combination of random numbers and symbols like the asterisk.
5. Introducing more characters creates strong passwords
Fourteen characters are ideal, and eight characters should be the minimum to use.
How to keep all your created passwords safe
Now that you know how to create a strong password, you need to keep them safe.
1. Avoid using an excel spreadsheet and use a digital vault
Excel spreadsheets are cool when creating passwords but not to keep them safe. Instead, use one of these tools to secure all your passwords:
This password manager was created by AgileBits Inc. It provides a place to create strong passwords and store passwords, software licenses, and other sensitive information in a virtual vault. The virtual vault is locked with a PBKDF2-guarded master password.
LastPass is a password manager designed to store your encrypted passwords online. It includes plugins for various web browsers and apps.
Protecting your digital profile
Here are a few ways to add an extra layer of protection to your online profile in conjunction with creating a strong password.
1. Use a VPN (a virtual private network)
The only way to cloak your web activity (including your ISP) is to connect to a VPN. Here is a list of tried and tested VPN’s from security.org.
2. Use identity theft protection
You can use some excellent software packages like this local security company.
3. Two-factor authentication
A final word of advice
Your first line of defence is your device (phone, laptop etc.). Make sure you create a strong password for all your devices. If someone gets into your device and all your login details are visible, well then, game over.