Serious Cyberattacks Still Don't Scare Us Into Creating Strong Passwords

August 25, 2017

More than half the year has passed us by, and very quickly it seems. We saw data breaches and malware attacks that spanned the globe, shutting down large enterprise organizations as well as mom-and-pop companies. We heard of Department of Justice takedowns of cybercriminals committing various cyber-related atrocities that resulted in data, payment card, email, and password thefts. Yet, according to a report from Keeper Security, people still are not concerned enough to create strong passwords for their online accounts.

Creating a strong password is something relatively simple to do and over which you have total control. Try using a base password and adding on to it depending on which website you are visiting. For example, try using a base that is basically gobbledygook such as “H73fz#” and add characters from the website to it to create a unique password. If you have an account on Yahoo for instance, try “YaH73FZ#” for that site. For Google, maybe it’s “GoH73FZ#.”

Also remember these few tips:

  • Use at least eight characters for every password.
  • Don’t use dictionary words or other words that are meaningful or identify you like your birthdate or driver’s license number.
  • Use special characters and numbers in all of your passwords.
  • Keep your backup password options updated. For example, if you forget your password, but the backup email for that account is no longer active, it’s going to cause you some grief to get that password reset.
  • Don’t leave your passwords on sticky notes attached to your monitor or under your keyboard. You don’t leave your house key under your mat anymore (hopefully), because the bad guys look there first. It’s the same philosophy here. If you must write them down, keep them hidden, preferably locked away somewhere separate from your computer or mobile device.

It’s easy to assume your password will never be stolen or used against you, but this does happen. There are two main ways passwords can be cracked: dictionary cracks and brute force attacks.

At a basic level, in a dictionary attack the hackers try combinations of known passwords and personal information to guess the password. In fact, in a recent presentation, Department of Justice officials talked about how investigators were able to gather evidence to put away an infamous Russian cybercriminal using this technique.

A brute force attack involves machines and software tools that are able to test billions of passwords per second. However, if your passwords are strong and complex, it’s less likely either of these methods will work.

The report from Keeper Security found that the most common, out of 10 million analyzed passwords, is still “123456.” It made up 17% of the passwords people used. Don’t use that one or “password” or “football.” Be more creative than that and you have a chance of keeping your accounts safe.
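The tips above and the two cracking methods can be turned into a quick self-check. This Python sketch is an added example, not code from the original article or the Keeper Security report; the word lists are small constructed samples, and the rate of one billion guesses per second is an assumption taken from the low end of the article's "billions of passwords per second."

```python
import string

# Constructed sample lists; a real check would load a full breached-password
# list and a dictionary file instead.
COMMON_PASSWORDS = {"123456", "password", "football"}  # named in the article
DICTIONARY_WORDS = {"password", "football", "dragon", "monkey", "sunshine"}
GUESSES_PER_SECOND = 1e9  # assumption: low end of "billions per second"


def check_password(password, personal_info=()):
    """Return the list of the article's tips that this password violates."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if lowered in COMMON_PASSWORDS:
        problems.append("on the common-password list")
    if any(word in lowered for word in DICTIONARY_WORDS):
        problems.append("contains a dictionary word")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    return problems


def brute_force_seconds(password, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every password of this length and character mix."""
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(c in string.punctuation for c in password):
        pool += len(string.punctuation)  # 32 ASCII symbols
    return pool ** len(password) / rate


if __name__ == "__main__":
    # Constructed inputs: two passwords from the report, one from the article.
    for candidate in ["123456", "football", "YaH73FZ#"]:
        print(candidate, check_password(candidate, personal_info=["1985"]),
              f"{brute_force_seconds(candidate):.3g} s")
```

The brute-force figure is an upper bound for an exhaustive search only; a password that fails the dictionary or common-list check falls to a dictionary attack long before that time is reached.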

© Copyright 2017 Stickley on Security