How to create a strong password and keep hackers at bay

How to create a strong password and keep your digital profiles safe

Creating a strong password can be an administrative nightmare. You could end up with hundreds of accounts with numerous usernames and passwords. The average number of passwords for online users is 26 per person. Keeping track of them and ensuring they are all hack-proof can be an excel spreadsheet juggling act. 

Create a strong password because hackers are real

Create a strong password because hackers are real
They out there, working all the time.

When we don’t know how to create a strong password, we either use the same passwords for different accounts or create similar versions of the same password. Although this approach may seem safe, just remember that hackers are real. 

Hackers start with targeting common passwords like ‘admin’ or ‘password’ or passwords that begin with a capital letter.

If you want to check if your passwords have been breached, visit this website haveibeenpwned.com.

What hackers are capable of in 0.3 milliseconds

What hackers are capable of in 0.3 milliseconds
The more characters you use the harder to break.

Hackers are getting more intelligent and innovative and realise that most web users don’t really know how to create a strong password. 

They target the simplest, most common passwords first. After that, they move on to passwords with the least amount of characters. The more characters you use in a password, the harder it is to break. It has been discovered that a password with 7 characters will take about 0.3 milliseconds to crack. Still, a password with 12 characters can take up to 200 years to break. 

Think of a safe with a combination lock. If you used your birth date for the code and a safecracker has this information from your facebook page, no problem breaking in. But if you used a combination of eight numbers randomly selected by rolling a dice, then it’s not so easy to break.

Different types of hacking attacks and creating a strong password

We could write an entire article on the different types of attacks you may experience. Here is a snapshot of the most common attacks and some tips on how to safeguard against them:

1. Keylogger attacks 

This is the action of recording the keystrokes a person is making while typing on their keyboard.

Tip

After creating a strong password use a manager, like 1-password which auto-fills the information.

2. Brute force attacks 

In this attack a bot uses common passwords like ‘password’ or ‘1234’ and enters them into your login page. Over time, there are multiple attacks, and if the bot hits the correct password, they are into your account. 

Tip

Use a lockout policy. If, for example, there are three failed login attempts, it locks out anyone from entering a password again until reset.

3. Dictionary attacks 

With a dictionary attack a bot uses all the words from a dictionary and enters them into your login page. Over time, there are multiple attacks, and if the bot hits the right word, they are in. Just ask LinkedIn. LinkedIn had six million passwords hacked in 2012. Make sure you create a password when using LinkedIn.

Tip

Don’t use predictable words or shared passwords.

4. Phishing attacks 

Hackers masquerade as ‘legitimate’ businesses and get users to open attachments, click on links or download malicious files. 

Tip

Never click on links, download files, or open attachments from unknown senders. Always verify payment and update bank detail requests by calling your service provider to confirm an email. Also, never email personal or financial information even to those you trust, as your email could be intercepted.

Different types of hacking attacks and creating a strong password
Hackers record keyboard strokes to uncover passwords.

How to create a strong password in a practical way

1. Use your web browser to create a strong password

Your favourite web browsers now offer random password suggestions when creating a new account on any platform.

2. Use an excel spreadsheet or calculator

Go mad typing random letters, numbers and symbols into different blocks in an excel spreadsheet or on a calculator to create a strong password. Spread your fingers across your keyboard to avoid common typing patterns. 

3. Mix things up

Use letters both small and capital letters. Avoid typical capital letters, e.g. using capitals at the beginning of a password.

4. Use numbers and symbols 

Use a combination of random numbers and symbols like the asterisk.

5. Introducing more characters creates strong passwords

Fourteen characters are ideal, and eight characters should be the minimum to use.

How to keep all your created passwords safe

How to keep all your created passwords safe
Use a virtual vault for your passwords

Now that you know how to create a strong password, you need to keep them safe.

1. Avoid using an excel spreadsheet and use a digital vault 

Excel spreadsheets are cool when creating passwords but not to keep them safe. Instead, use one of these tools to secure all your passwords:

1password

This password manager was created by AgileBits Inc. It provides a place to create strong passwords and store passwords, software licenses, and other sensitive information in a virtual vault. The virtual vault is locked with a PBKDF2-guarded master password.

Lastpass

LastPass is a password manager designed to store your encrypted passwords online. It includes plugins for various web browsers and apps. 

Protecting your digital profile

Protecting your digital profile
Protecting your digital profile

Here are a few ways to add an extra layer of protection to your online profile in conjunction with creating a strong password.

1. Use a VPN (a virtual private network)

The only way to cloak your web activity (including your ISP) is to connect to a VPN. Here is a list of tried and tested VPN’s from security.org

2. Use identity theft protection

You can use some excellent software packages like this local security company.

3. Two-factor authentication

Use two-factor authentication for the most sensitive of accounts. You can set this up at authy.com, and some platforms like Apple and Google give you this option. 

A final word of advice

Your first line of defence is your device (phone, laptop etc.). Make sure you create a strong password for all your devices. If someone gets into your device and all your login details are visible, well then, game over.