Choosing a strong and unique password is crucial to protect your online security and privacy
Passwords are the keys to our digital lives. They serve as the primary line of defence against unauthorized access, protecting our personal information, financial data, and other sensitive information. Passwords are a critical component of protecting our digital identity and maintaining the security of our online data. A strong password can make it challenging for hackers and cybercriminals to break into our accounts, providing a layer of protection against identity theft, fraud, and other malicious activities.
With the rise of cybercrime, hackers use brute force methods to gain access to your accounts and devices. Hackers exploit any weakness and use a variety of methods to steal and guess passwords, such as sending spoofed and phishing emails. They can also purchase stolen credentials online. It is, therefore, crucial to choose and maintain safe passwords to safeguard our online privacy and security. In this article, we will discuss how safe your password is and what steps you can take to protect yourself online.
What makes a password secure?
A secure password is one that is difficult for someone else to guess or crack. Such a password typically includes a mix of uppercase and lowercase letters, numbers, and special characters, and is at least 12 characters long. However, many people still use weak passwords, such as "password123" or "123456." These types of passwords are easy to guess and make it easy for cybercriminals to access your accounts.
While we may intend to have a long, complex password, such as !adfak&35.234#, it often ends up being a simpler password like !password20231#. This is because users, to avoid the difficulty of remembering and generating passwords, would create a password that meets the complexity requirements while simply using common base terms and incrementing the values when a password rotation is required.
This made the job of password cracking easier, as it was common for users to reuse a common base term in their passwords with symbols added to the front and end, along with numbers. Password resets became more prevalent as it became more difficult for users to remember their passwords, making it more common for them to create less-secure passwords.
Why is a strong password important?
A strong password is important because it helps protect your online accounts from being compromised. Cybercriminals can use weak passwords to gain access to your email, social media, banking, and other accounts. Once they have access to your account, they can steal your personal information, money, and other valuable data. A strong password can make it more difficult for cybercriminals to access your accounts and steal your information.
Different Types of Password Attacks
Password attacks are one of the most common forms of corporate and personal data breach. A password attack is simply when a hacker tries to steal your password. Some of the password attack methods are as below.
- Phishing: Phishing is when a hacker posing as a trustworthy party sends you a fraudulent email, hoping you will reveal your personal information voluntarily. Sometimes they lead you to fake "reset your password" screens; other times, the links install malicious code on your device.
- Man-in-the-Middle Attack: Man-in-the-middle (MitM) attacks are when a hacker or compromised system sits in between two uncompromised people or systems and deciphers the information they're passing to each other, including passwords.
- Brute Force Attack: If a password is equivalent to using a key to open a door, a brute force attack is using a battering ram. A hacker can try 2.18 trillion password/username combinations in 22 seconds, and if your password is simple, your account could be in the crosshairs.
- Dictionary Attack: A type of brute force attack, dictionary attacks rely on our habit of picking "basic" words as our password, the most common of which hackers have collated into "cracking dictionaries." More sophisticated dictionary attacks incorporate words that are personally important to you, like a birthplace, child's name, or pet's name.
- Credential Stuffing: Your old passwords were likely leaked onto a disreputable website. Credential stuffing takes advantage of accounts that never had their passwords changed after an account break-in. Hackers will try various combinations of former usernames and passwords, hoping the victim never changed them.
- Keyloggers: Keyloggers are a type of malicious software designed to track every keystroke and report it back to a hacker. Typically, a user will download the software believing it to be legitimate, only for it to install a keylogger without notice.
Password table in 2020 based on passwords cracked by an RTX 2080 GPU.
Image Source: Hive Systems
Password table in 2023 based on passwords cracked by an RTX 4090 GPU.
Image Source: Hive Systems
Password table using previously stolen or reused password
Image Source: Hive Systems
Password table using ChatGPT hardware (10,000 x A100 GPUs) to brute force.
Image Source: Hive Systems
How can you create a strong password?
Creating a strong password is simple. Here are some tips:
- Use a mix of uppercase and lowercase letters, numbers, and special characters.
- Avoid using personal information such as your name, birthday, or address.
- Make it at least 12 characters long.
- Use a different password for each account.
- Use a password manager to generate and store your passwords securely.
How can you protect your passwords?
Due to the increasing ability of threat actors, NIST and other organizations have recommended changes to current password policies, as noted in the 2020 updated NIST 800-63b guidelines. Here are some tips to protect your passwords:
- Change passwords only when a user requests one or if a breached password has been found.
- Eliminate password complexity requirements; focus on overall password length (preferably more than 12 characters).
- Use two-factor authentication when available.
- Use a password manager to store your passwords securely.
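The length-and-breach policy above, together with the "common base term plus padding" habit described earlier, can be checked in code. The following is an added example, not part of the original article; the word lists are small constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample lists (assumption): a real deployment would load a
# breached-password corpus and a large dictionary of common base terms.
BREACHED = {"password123", "123456", "qwerty123456"}
COMMON_BASES = {"password", "welcome", "qwerty", "letmein", "summer"}
MIN_LENGTH = 12  # minimum length recommended in the article
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "@": "a", "$": "s"})


def base_term(password: str) -> str:
    """Strip leading/trailing digits and symbols, then undo simple
    character substitutions, leaving the word the password is built on."""
    core = re.sub(r"^[^A-Za-z]+|[^A-Za-z]+$", "", password)
    return core.lower().translate(LEET)


def evaluate(password: str) -> list[str]:
    """Return policy findings; an empty list means the password passes.
    Note there is no character-class (complexity) rule."""
    issues = []
    if len(password) < MIN_LENGTH:
        issues.append("too short")
    if password.lower() in BREACHED:
        issues.append("breached")
    if base_term(password) in COMMON_BASES:
        issues.append("common base term")
    return issues


def is_incremented_rotation(old: str, new: str) -> bool:
    """True when a new password keeps the old base term and only changes
    the padding. Usable at change time, when the user supplies both."""
    base = base_term(old)
    return bool(base) and base == base_term(new)


if __name__ == "__main__":
    for pw in ("!password20231#", "!adfak&35.234#", "password123",
               "correct horse battery staple"):
        print(f"{pw!r}: {evaluate(pw) or 'ok'}")
    print(is_incremented_rotation("Summer2023!", "Summer2024!"))
```

The article's own example `!password20231#` satisfies a length and complexity rule yet is flagged here, because removing the padding leaves a dictionary word.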
In conclusion, a strong password is one of the most important ways to protect your online accounts from cybercriminals. By following the tips mentioned in this article, you can create a strong and secure password that will help keep your information safe. Remember, the safety of your passwords is in your hands, so take the necessary steps to protect them.
About the Author
Ruben George