Secure passwords are essential for keeping your data and confidential information safe. The security of your business depends on measures to stop people gaining access to your records without authorization. Passwords can be a nuisance and many people – maybe you included – sometimes cut corners. But it’s just not worth sacrificing security for convenience and passwords that are really easy to remember. This week we’ll look at a few practices you can adopt to boost the efficacy of your passwords.
How can Passwords be Cracked by Cybercriminals?
In general, there are two main ways to get past a password. The first involves cybercriminals (or ‘bad actors’, as they’re sometimes known) figuring out your password or tricking you into revealing it. Sometimes hackers can figure out your password by going through your online activities to get clues about possible passwords or to design ways to fool you into revealing it. Phishing and malware can also be used to get passwords.
You need to be able to make your passwords ‘guess-proof’, without making them so complicated that they’re impossible to remember. This should apply to all passwords used by your business, including those used by your staff.
Strong Passwords v Memorable Passwords
No matter what the password is for, there are two things to remember:
1) If a hacker can’t guess or crack a password then they may well try to use brute force – trying every possible combination until they can break through.
2) A secure password and a password that is resistant7to brute force are not the same thing.
When creating a new password you need to make sure that it is both secure and strong.
Optimize Your Password Security
These are the characteristics of a good password that you should aim for:
- • Length – ideally 16 characters or more
- • Diversity – including non-consecutive letters, numbers and symbols
- • Obscurity – no common words or numbers, private information or details that are publicly accessible
Knowing how cybercriminals crack passwords helps to create one that’s secure. About 40% of passwords are created with only lowercase letters, and hackers know this. Every additional variation will make their job a whole lot harder and more time-consuming. If it takes too much effort then they are likely to move on to easier prey.
The problem is that long and complicated passwords are hard to remember. You need to be able to commit it to memory. A secure password that doesn’t defeat your memory skills but is also a secure option could consist of some random words, plus capital letters, plus alphanumeric substitutions and, finally, repeating symbols at both ends. Even if it’s theoretically possible to break it, the time it takes should put the hacker off.
The format of such a password might look like this: ====p44k,,,@ss0c!@t5d,,,p0ck3t==== It would be almost impossible to guess. By using this formula, but with your own letters, numbers and symbols inserted, you should be able to come up with something that’s not too hard to remember but is both strong and resistant.
How to Remember Passwords
You might be thinking ‘I’ll never remember one password like that! Let alone lots of them’. Adding to the problem is that best practice is to have a different password for every account you have. It might all seem too daunting. This is where a password manager comes in useful.
Password managers are simply a piece of software that stores your passwords safely, with just one master password to allow you access. You can see the advantages. You won’t have to remember all those passwords for all those online accounts (and these days you probably have plenty of them) but they will be held securely. You’ll only have to commit your master password to memory.
Quikteks is here to help with your passwords and access management, as well as all other aspects of your business security. To learn more about how we can assist, give our IT professionals a call at (973) 882-4644.