Passwords affect us all. Most of us have a multitude of them to remember, or are you one of the ‘Actually I only have one which I use for everything’ brigade? It’s OK, you are not alone.
Many businesses are beginning to move away from a singular reliance on passwords to protect their company’s sensitive data. On a personal level there is actually more each and every one of us can and really should do to prevent our on-line identities being hacked.
Before we go into how to create an unbreakable password, let’s just look at how hackers manage to crack your password in the first place.
How does a hacker learn my password?
Social network sites can be to blame here, as one method the dedicated hacker uses is to look at these sites, including Facebook and Twitter, to research their ‘target’. These sites are full of information about you, so the hacker uses the information gleaned to try to guess your password. To be honest, these sorts of attacks on your personal password are very hard to prevent, but thankfully they are rare. They are also easily avoided if you follow certain rules when picking a new password:
1.) Don’t use your children’s/pets’ names as passwords.
2.) Don’t use your spouse’s name either, even if you do ‘cleverly’ combine it with their birthday!! Yes, it’s quite a common mistake.
A dedicated hacker could also use a brute force attack, using automated programs – either trying the most common terms in major languages, or going through every possible character combination.
Often they will try common password lists, such as “123456”, “qwerty”, “abc123” and, of course, “password” – so please don’t use them either.
So how can I create an unbreakable password?
It is best to use an invented phrase or word, as this is much harder to crack, especially if you add numbers and symbols. Before you rest easy, do be aware that current hacker tools can try 100 million, yes we did say 100 MILLION, checks per second, so even a truly random password might not take long to break:
Just to scare you, did you know:
• A password of 4 characters can be broken in 0.16 seconds
• 6 characters takes on average just 11.4 minutes
• However an 8 character password would take 32 days to crack
• and 10 characters takes on average 365 years!!!
Before you break into a cold sweat conjuring up your new 10-character, random password for every site you visit (which of course you also mustn’t write down), don’t panic (I believe we’ve mentioned that phrase before) – there is an easy and fast solution.
The key to creating a secure password
1.) Break your password down into at least two parts; it makes it easier to remember.
2.) Think of something you know, and something you own.
Now, here’s the relief, one part stays the same, for every account you have. This part can actually be quite complex, because as long as it’s only 4 characters you should have no problem remembering it. For example J&2*. Think of this as your ‘something I know’ bit.
The second element of your password should be relevant to the site you are logging in to. So, for example, for an online clothes company you might use the phrase ‘lookingfab’ alongside your complex 4 character part. For a lottery site you might add ‘lucky8’, etc – as long as it is different for each one.
Now you’ll be relieved to hear, if needed, it wouldn’t hurt if you wrote these down, not on a post-it, stuck to your PC though! You can always use the notepad on your phone. This part forms the ‘something I own’ element.
If you still need help with your password management, there are some tools that allow you to register the complex element of your password and then send you (via SMS) the second part periodically, i.e. when it needs to be changed. By saving the message you have a constant reminder.
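As an added example (not from the original article), this Python code reproduces the crack-time figures listed earlier, which match exhausting a 64-symbol alphabet at the quoted 100 million guesses per second, and applies the same arithmetic to the two-part scheme described above. The 64-symbol alphabet is an inference from the figures, and the function names and the 1,000,000-entry term list are assumptions for illustration.

```python
import string

RATE = 100_000_000  # guesses per second, the figure quoted in the article

# Character classes used to estimate the alphabet an exhaustive search must cover.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(password):
    """Sum the sizes of the character classes the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def exhaustive_seconds(length, alphabet, rate=RATE):
    """Seconds to try every string of `length` over `alphabet` symbols."""
    return alphabet ** length / rate


def two_part_seconds(fixed_part, wordlist_size, rate=RATE):
    """Seconds to try every (fixed part, listed term) pair.

    Models a search that exhausts the short fixed part but takes the
    site-specific part from a list of common terms.
    """
    fixed_space = alphabet_size(fixed_part) ** len(fixed_part)
    return fixed_space * wordlist_size / rate


def humanize(seconds):
    """Render a duration in the largest unit that keeps the value >= 1."""
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.2f} seconds"


if __name__ == "__main__":
    for n in (4, 6, 8, 10):  # lengths listed in the article
        print(n, "chars:", humanize(exhaustive_seconds(n, 64)))
    pw = "J&2*" + "lookingfab"  # the article's two example parts
    print("full search:", humanize(exhaustive_seconds(len(pw), alphabet_size(pw))))
    # ASSUMPTION: a 1,000,000-entry list of common terms (constructed size).
    print("listed term:", humanize(two_part_seconds("J&2*", 1_000_000)))
```

The last line shows why the site-specific part should not be a term that appears on a common-word list: the estimate then depends on the list size rather than on the password's length.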
There are plenty of companies out there working as hard as they can to make it tougher for criminals to steal our online credentials, but it’s an uphill struggle so we need to do our bit to protect ourselves and our business data.
Take our advice and use this simple technique for your passwords. Pass on this advice to your staff too, and if someone does try to hack your account it will take them at least a year to do it, by which time you’ll have renewed it. Best of all, you’ll never forget a password again.