How Secure is my Password?
The strongest passwords will stop brute force or dictionary attacks while also being easy to remember.
How secure is my password? We should all consider this question. Ask yourself when you last changed the passwords that protect your information. In this article I will explain how to create a secure password.
Each week we get emails and WhatsApp messages and read newspaper articles about the latest online scams. We are living in an era where there is an epidemic of data breaches.
A data breach is when an online platform or website gets hacked and the data of its users is exposed. If, for instance, a popular streaming service were to get hacked and your password and username discovered, the attackers will link them to your IP and billing address. This leaves you vulnerable to cyber-attacks, especially if you were using the same password, or similar variations of it, elsewhere.
How do my passwords get hacked?
Cybercriminals have lots of ways of hacking a password and many methods of attacking your IP address. However, the easiest way is for the cybercriminal to just buy your password and login information on the dark web. There’s an enormous amount of money being made selling login credentials on the dark web, and this is because people are using the same login details and passwords for too long.
How often should I change my password?
Brute force attacks
A brute force attack tries every combination of numbers, letters and symbols until it gets lucky and finds yours. This is all done using automated software which tries hundreds of thousands of passwords in a very short space of time. The technology is constantly evolving and improving, and it is possible to send billions of password guesses in under a minute. The latest incarnation of these brute force attacks uses masks and filters to reduce the search space and find your password quicker.
The solution to brute force attacks is having longer passwords. A password with fewer than 10 characters is vulnerable and can be discovered. The longer the password, the better the password.
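To see why length matters and what a mask does to the search space, the following added example (not from the original article) counts the candidates a brute force search has to cover. The guess rate and the sample mask are assumptions chosen for illustration.

```python
import string

# Assumption for illustration: one billion guesses per minute. The article only
# says "billions ... in under a minute"; real rates vary with hardware and hashing.
GUESSES_PER_SECOND = 1_000_000_000 / 60

# Character classes that a mask can restrict each position to.
CLASSES = {
    "l": string.ascii_lowercase,  # 26 symbols
    "u": string.ascii_uppercase,  # 26 symbols
    "d": string.digits,           # 10 symbols
    "s": string.punctuation,      # 32 symbols
}

def full_keyspace(length, classes="luds"):
    """Candidates when every position may hold any character of the classes."""
    alphabet = sum(len(CLASSES[c]) for c in classes)
    return alphabet ** length

def mask_keyspace(mask):
    """Candidates when each position is pinned to one class, e.g. 'ullllldd'."""
    total = 1
    for c in mask:
        total *= len(CLASSES[c])
    return total

def seconds_to_exhaust(keyspace, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at the assumed rate."""
    return keyspace / rate

def human(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"

if __name__ == "__main__":
    for n in (6, 8, 10, 12, 18):
        print(f"{n:>2} chars, any symbol: {human(seconds_to_exhaust(full_keyspace(n)))}")
    # Constructed sample: the common "capital + lowercase + two digits" shape.
    mask = "u" + "l" * 5 + "dd"
    print(f"8 chars matching mask {mask}: {human(seconds_to_exhaust(mask_keyspace(mask)))}")
```

Each extra character multiplies the work by the alphabet size, while a predictable shape removes most of that work for the same length.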
What are Dictionary attacks?
Dictionary attacks are different from brute force attacks. A brute force attack tries every combination of symbol, letter, and number, whereas a dictionary attack attempts to find your password using a preset list of words, much like a dictionary. If your password is just a normal word, these dictionary attacks will find it, or you might get lucky if it’s an uncommon word. An example of a better choice is:
“MyCatsNamedTom”. This multi-word phrase will easily outsmart a dictionary attack.
What are Phishing scams?
The worst type of online scams are phishing scams. Phishing scams are when cybercriminals try to intimidate, fool or pressure you into exposing your information. An example would be if you received an email telling you there was a breach on your iTunes account, and you clicked a link contained in the email. This link then redirects you to a false website built to resemble iTunes. If you click one of these false links and don’t notice the website’s differences, you then input your password and username. Once this happens, the cybercriminal has your login information and immediately acts to get as much of your money as possible.
Whaling and Spear Phishing scams
These are scams where a business gets targeted by the scammer to gain information for fraudulent purposes. The attacker uses information about the business that they’ve previously obtained.
Pharming is a redirect scam where you’re redirected to a false version of a legitimate website or platform. Initially, your computer gets infected with malware, which initiates the redirects to a default website EVEN if you click on your bookmark or type in the proper website address. This is a particularly pernicious and difficult to notice type of scam.
What makes a strong password?
Since we have covered how passwords get hacked, now we will cover how to make strong passwords, so you don’t get hacked. Below are our 8 top tips for the perfect password.
How to make a strong password you will remember
The Bruce Schneier Method
The Bruce Schneier method is when you think of a random sentence and then use it as a password. The idea is that you take the first 2 letters of each word and that gives you the password. For example: The 7 big brown bears live in the woods!
The Schneier method gives you the password: Th7bibrbeliinthwo!
That’s a strong password and an excellent method to create and remember it. You can even write this password down in sentence format and still be secure using it. Using this method, you never have to worry about “how secure is my password?” again.
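The method as this article describes it, written out as an added example (not part of the original article). It also checks the result against the two warning signs from earlier sections, length under 10 characters and a plain dictionary word; the function names and the mini wordlist are constructed for illustration.

```python
import string

# Constructed mini wordlist standing in for a real dictionary list.
SAMPLE_WORDLIST = {"password", "sunshine", "dragon", "monkey", "football"}

def sentence_to_password(sentence, letters_per_word=2):
    """First N characters of each word, keeping the sentence's closing punctuation."""
    sentence = sentence.strip()
    tail = ""
    while sentence and sentence[-1] in string.punctuation:
        tail = sentence[-1] + tail
        sentence = sentence[:-1]
    parts = []
    for word in sentence.split():
        core = word.strip(string.punctuation)  # drop commas, quotes, brackets
        parts.append(core[:letters_per_word])  # short words ("7", "a") pass whole
    return "".join(parts) + tail

def weaknesses(password, min_length=10, wordlist=SAMPLE_WORDLIST):
    """Return which of the article's two warning signs apply to this password."""
    found = []
    if len(password) < min_length:
        found.append(f"shorter than {min_length} characters")
    if password.lower() in wordlist:
        found.append("single dictionary word")
    return found

if __name__ == "__main__":
    sentence = "The 7 big brown bears live in the woods!"
    pw = sentence_to_password(sentence)
    print(pw, weaknesses(pw))
    print("sunshine", weaknesses("sunshine"))
```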
Trust is earned
Using well-known and secure websites is a minimum requirement. Do not visit websites without a lock symbol before the name, and make sure the web address is HTTPS and not HTTP. More security-conscious websites will encrypt your data so even if a breach occurs you’re safe. The issue is that not all websites bother to encrypt! So, if you’re signing up to a website or service, please research them first.
If you want to avoid password problems altogether, Cyberghost VPN uses encryption based on SSL with 256-bit keys that are generated on your device, so no third party can intercept the keys. Using that level of encryption ensures your security online.
2FA has saved me more than a few times...
Two-factor authentication adds an extra step to the login process, but it’s entirely worth it for the enormous security boost involved. 2FA is an industry standard with big businesses these days. It’s basically when an extra step is added to authenticate your login. 2FA can be a text message or an app showing a rotating number that changes every 1-minute interval. It might even be your fingerprint on a device.
What are password managers?
A password manager like NordPass is software or an app that remembers all your login information and keeps it secure. All you must do is make a password for the password manager and remember that! If you get a password manager, please use the above tips for the master password.
Password tips and tricks
Keep your data safe by using the tips and tricks we wrote about above. Below are some additional ideas that may help.
- Use a VPN. A VPN, or Virtual Private Network, is software that encrypts your data and removes your IP address. If you use a VPN, your passwords and data will not get intercepted! This is especially important if you commonly connect to free or public Wi-Fi, and even in your friends’ houses.
- Never email bank details or password data.
- Have anti-virus software installed to prevent malware, trojans and all the other nasties from attacking your hard drive!
- Choose difficult password reset questions and make sure the answers are not things that can be found on your social media (which should be set to private). Do not use your pet’s name as an answer when you have 100 social media posts with the pet’s name in them. Assume the people who are targeting you are intelligent; assume they will research you online and look at your social media (if possible). Lastly, assume they are lazy; after all, they would rather try to scam money online than do a proper job. The importance of that assumption is that once you know hackers are lazy and will give up if it’s too much trouble, then you can have peace of mind if you followed the above tips.
Strong Password Generator
You can just let Google Chrome generate strong passwords for you. Let Chrome generate and remember your passwords. If you have Sync turned on, it saves your passwords to your Google account. If you do not, the passwords are just stored locally on your device.
- Open Chrome.
- Set Sync to on.
- Visit a website you are signing up for an account on.
- Click the password text box > Suggest Strong Password (sometimes right click and generate).
- You get to see a preview for the suggested password. Click Use suggested password.
- Finish signing up and it automatically saves your password to Chrome.