Your password is your first line of defence when it comes to securing your accounts for the various websites, apps and services that you use. Many victims of cybercrime have had their lifetime savings stolen, spent hours registering for new accounts, and had their credit destroyed, all because of weak passwords.
According to the 2019 Verizon Data Breach Investigations report, 80 percent of data breaches are caused by compromised, weak, and reused passwords. Don’t let this happen to you. It is really important to start taking your online security more seriously than ever because the amount and sophistication of hacking activity has been steadily increasing for years and is now at record levels.
Your password is the key to your digital world. It authenticates your identity. In fact, your password is often the only thing protecting you from cybercriminals. But if you’re like most people, you probably don’t treat passwords all that seriously. And to some degree, that’s understandable because most people don’t regard themselves as potential targets of cybercrime.
But once you understand that anyone can be a target, you’ll see why your passwords are critically important.
Consider the following scary hacking statistics:
- There is a hacker attack every 39 seconds. (Source: Security magazine)
- Cybercrime is more profitable than the global illegal drug trade. (Source: Cybersecurity Ventures)
- Hackers steal 75 records every second. (Source: Breach Level Index)
- You can purchase a consumer account for $1 on the dark market. (Source: RSA)
- 80% of hackers say “humans are the most responsible for security breaches”. (Source: Thycotic.com)
- Hackers are the average American’s biggest fear. (Source: Statista)
- More than 6,000 online criminal marketplaces sell ransomware products and services. (Source: McAfee)
- There will be 3.5 million cybersecurity job openings in 2021. (Source: Cybersecurity Ventures)
- Bank transfer scams cost customers £1 million a day. (Source: DailyMail.co.uk)
The most powerful and secure passwords will protect your online accounts and ward off attacks, but they don’t have to be difficult to remember.
Read on to learn how to create passwords for your online accounts that are not only extremely secure, but are also easy to remember…
How Hackers Crack Passwords
There are two main methods that attackers generally use to try to crack passwords:
1. Brute force attack
An effective password is not simply about using an uncommon word or phrase. Even if your password is hard to guess, it may be susceptible to what is known as a brute force attack. A brute force attack is where an attacker uses a special computer program to try every combination of symbols, numbers, and letters to systematically guess your login info.
Many people have this image in their head of a hacker sitting in front of a laptop, guessing passwords. That’s not quite how it works. Hackers have several password-cracking strategies at their disposal. One of them is to use automation software that can crunch hundreds of billions of numbers per second. Unfortunately, sites like Facebook don’t have a login trial limit. This means an attacker can try multiple password combinations as many times as they like to try to get into your account.
Generally, any password under 12 characters is vulnerable to being cracked. With this strategy, the hacker simply automates their specialized computer program to guess millions of different users’ passwords every second until they find the correct login credentials. With these tools, hackers are generally able to guess passwords at the rate of 350 billion guesses a second!
2. Dictionary attack
With a dictionary attack, the hacker tries an ordered list of words such as you would find in a dictionary. This means if your password is an ordinary word that can be found in a dictionary, it can be cracked with ease.
Here are the top 25 most commonly used passwords primarily from North American and Western European users in 2020. Each of these passwords can be cracked in seconds. The most popular password in 2019 was 12345, followed by 123456, and 123456789.
NordPass recently released the top 200 passwords in 2020, and 73 percent of those are incredibly easy to guess. Click through to see if you can recognize your password in the list.
As we have learned, the shorter and more common a password, the easier it will be for the password to be cracked using brute force attacks. Ideally, your password should be a long, random string of letters, numbers and special characters that means absolutely nothing and is impossible to guess. However, the problem is that unless you have a photographic memory, remembering such a password is going to be problematic for a single account, to say the least. And when you have to do this for multiple accounts, you can see why this would be completely impossible.
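To put numbers on the two attacks described above, here is an added example (not part of the original article) that estimates worst-case cracking time at the article's quoted rate of 350 billion guesses a second. The function names, the character-pool sizes and the sample passwords are assumptions made for this sketch.

```python
import string

GUESSES_PER_SECOND = 350e9            # cracking rate quoted in the article
SECONDS_PER_YEAR = 365.25 * 24 * 3600
# The three popular passwords the article names; real attack dictionaries
# hold millions of entries.
COMMON_PASSWORDS = {"12345", "123456", "123456789"}
OTHER_POOL = 33  # assumption: 32 ASCII punctuation marks plus the space


def alphabet_size(password):
    """Size of the character set a brute-force search would have to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c not in string.ascii_letters + string.digits for c in password):
        size += OTHER_POOL
    return size


def worst_case_seconds(password, rate=GUESSES_PER_SECOND):
    """Seconds to try every candidate of this length, or the whole dictionary."""
    if password in COMMON_PASSWORDS:
        return len(COMMON_PASSWORDS) / rate   # dictionary hit: no search needed
    try:
        return alphabet_size(password) ** len(password) / rate
    except OverflowError:                     # too large for a float
        return float("inf")


def worst_case_years(password, rate=GUESSES_PER_SECOND):
    return worst_case_seconds(password, rate) / SECONDS_PER_YEAR


if __name__ == "__main__":
    for pw in ["123456", "abcdefgh", "aB3dE6gH9jK2"]:   # constructed samples
        print(f"{pw!r:16} {worst_case_seconds(pw):.3g} s"
              f" = {worst_case_years(pw):.3g} years")
```

These figures are upper bounds for exhaustive search at the quoted rate; a password built from a predictable pattern falls to a dictionary long before that.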
Fortunately, there are certain techniques you can use to create an uncrackable password that will be easy for you to remember. Follow these handy tips, and you won’t have to worry about losing the key to your online personal kingdom.
The Passphrase Method
A passphrase is a random collection of common words combined together into a phrase. It is generally longer than a traditional password, but is easy to remember and yet far harder to crack even with brute force attacks. As we’ve already learned, increasing the number of characters in a password makes that password much harder to crack. A traditional password is typically 8 – 16 characters in length, while a passphrase can be as long as 100 characters.
Consequently, using a long passphrase instead of a traditional password is one of the simplest, most powerful and most effective ways to create a strong and complex password and protect your confidential information online.
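A passphrase is only as strong as the randomness behind it, so the words should be picked by a cryptographic random source rather than by the user. The added example below (not from the original article) does that with Python's `secrets` module and reports the resulting entropy; the 32-word list is a constructed sample and the function names are hypothetical.

```python
import math
import secrets

# Constructed 32-word sample list so the block runs offline. A real list
# should be far larger (diceware-style lists hold 7776 words).
SAMPLE_WORDS = """anchor basket candle desert engine falcon garden harbor
island jacket kettle ladder magnet napkin orange pencil quartz ribbon
saddle tunnel umpire velvet walnut yellow zipper bridge copper dragon
forest guitar hammer lantern""".split()


def make_passphrase(n_words, words=SAMPLE_WORDS, sep=" "):
    """Pick n_words independently and uniformly using the OS CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return sep.join(secrets.choice(words) for _ in range(n_words))


def entropy_bits(n_words, list_size):
    """Entropy of n_words uniform picks from a list of list_size words."""
    return n_words * math.log2(list_size)


def words_needed(target_bits, list_size):
    """Fewest words that reach at least target_bits of entropy."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    phrase = make_passphrase(6)
    print(phrase, f"({entropy_bits(6, len(SAMPLE_WORDS)):.0f} bits)")
    print("words for 80 bits, 32-word list:  ", words_needed(80, 32))
    print("words for 80 bits, 7776-word list:", words_needed(80, 7776))
```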
The Bruce Schneier Method
This is also known as the sentence method. To create your passphrase using this technique, start by picking a long, random phrase from pop culture such as the favourite lyrics from a song or a favourite line from a movie or book. The idea is to come up with a random sentence and transform it into a powerful password using a rule such as taking the first character of each word in the phrase.
For example, if your favourite song is Blame it on the boogie by The Jacksons, your passphrase could be:
“MY FAVOURITE SONG IS BLAME IT ON THE BOOGIE BY THE JACKSONS.” “IT WAS RELEASED IN 1978.”
Based on the sentence technique, this is what your password could look like:
“MFSIBIOTBBTJ.” “IWRI1978.”
As you can see, this is a long and complex password that doesn’t make sense to anyone but you. Keep in mind that the quotes and periods are all part of the password itself. You can easily memorize it, and you don’t even have to write it down.
When you create a new password, get into the habit of checking how secure it is by using the website How Secure Is My Password. For example, it will take 25 “septillion years” to crack the above password.
This means it will take millions of years to crack this password, which makes it uncrackable yet very easy for you to remember.
How can I create a unique password for each website?
It will be challenging and time-consuming to create a unique passphrase for each online account, especially if you have over 100 accounts like the average user. However, you can fix this problem simply by creating a master password based on a passphrase and then adding the name of each website to the end of your password.
So, if your password is “MFSIBIOTBBTJ.” “IWRI1978.”, your Facebook password could be “MFSIBIOTBBTJ.” “IWRI1978.”Facebook. Your Barclays account password could be “MFSIBIOTBBTJ.” “IWRI1978.”Barclays, and so on. This ensures that you have a unique and complex password for each online account, based on a single master password.
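The sentence rule and the site-suffix scheme above, written out as an added example (not code from the original article; all function names are hypothetical). `shared_prefix_len` adds a check worth knowing about: it counts how many characters two site passwords have in common, which is how much of every other password a single plaintext leak would disclose.

```python
import os
import re

# Tokens: a word, a run of digits, a run of whitespace, or a run of punctuation.
TOKEN = re.compile(r"[^\W\d_]+|\d+|\s+|(?:[^\w\s]|_)+")


def sentence_to_password(text):
    """First letter of each word (upper-cased); numbers and punctuation kept."""
    tokens = TOKEN.findall(text)
    out = []
    for i, tok in enumerate(tokens):
        if tok[0].isalpha():
            out.append(tok[0].upper())
        elif tok.isdigit():
            out.append(tok)
        elif tok.isspace():
            # Keep one space only where it separates two punctuation runs,
            # e.g. between the closing and opening quotes of two sentences.
            prev_tok = tokens[i - 1] if i > 0 else "a"
            next_tok = tokens[i + 1] if i + 1 < len(tokens) else "a"
            if not (prev_tok[-1].isalnum() or next_tok[0].isalnum()):
                out.append(" ")
        else:
            out.append(tok)
    return "".join(out)


def site_password(master, site):
    """The article's scheme: master password followed by the site name."""
    return master + site


def shared_prefix_len(password_a, password_b):
    """Number of leading characters the two passwords have in common."""
    return len(os.path.commonprefix([password_a, password_b]))


if __name__ == "__main__":
    sentence = ("“MY FAVOURITE SONG IS BLAME IT ON THE BOOGIE BY THE JACKSONS.” "
                "“IT WAS RELEASED IN 1978.”")
    master = sentence_to_password(sentence)
    fb, bank = site_password(master, "Facebook"), site_password(master, "Barclays")
    print(master)
    print(f"{shared_prefix_len(fb, bank)} of {len(bank)} characters are shared")
```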
Using a Password Manager
Another quick and easy way of ensuring that you have a unique and complex password for each online account is by using a password manager. A password manager is a software application that generates secure passwords for you and then stores them in a secure, encrypted database known as a vault. Then, as you visit your favourite websites, you can retrieve those passwords with the option of having them auto filled in your browser. So, you get all of the benefits of secure and complex passwords without actually having to remember any of them.
The Master Password
When you sign up to use a password manager, you will be prompted to create a master password. This is the only password you will have to remember. The master password protects all of your passwords, so it is crucial that you come up with a long and complex password that is based on the above technique.