A secure password contains randomized letters, numbers and characters with a minimum length of 8 characters. Memorizing strong passwords can be difficult which is why passwords are often reused. While reusing passwords makes it easier for you to remember, it also makes it easy for cybercriminals to gain access to your personal data. To prevent your data from falling into the wrong hands, it is important to learn the best practices that will ensure your passwords are secure.
What Are the Risks of a Weak Password?
Weak passwords are a big threat to your online security as they can be easily cracked and allow access to important personal information like your bank account, personal address and contact information. Some characteristics of weak passwords are:
- Utilizing dictionary words such as hello, desk, computer, etc.
- Using passwords comprised of characters close to each other on the keyboard such as 1q2w3 or 123zxcv. These passwords may look secure but can be quickly cracked based on sequential key variations.
- Making a short password of 6 characters or less
Weak or compromised passwords cause about 80% of successful data breaches. Passwords are frequently the only thing protecting your intellectual property, network access, and confidential information. Avoid generating weak passwords to strengthen the protection of your data.
The use of weak passwords and practices like reusing passwords can make it easier for cybercriminals to gain access to your information through cyberattacks that utilize common password lists. Here are some examples of cyberattacks that can be effective when not using strong passwords:
- A credential stuffing attack is when a cybercriminal uses a set of credentials to attempt to gain access to several accounts at once. Credential stuffing is so effective because nearly two-thirds of internet users reuse their passwords.
- A brute force is a type of cyber attack that uses trial and error methods to guess login credentials, security keys or other sensitive information. Brute force attacks are surprisingly effective, especially given that about 65% of people reuse passwords.
- Password Spraying (AKA Password Spray Attack) is when an attacker uses common passwords to attempt to access several accounts on one domain. Using a list of common passwords, such as 123456, password1 and more, an attacker can potentially access hundreds of accounts in one attack if the users aren’t using strong passwords.
Are Your Password Practices Secure?
Creating a strong password can be tedious, but it is important to ensure your passwords are
unique and secure. Always avoid: creating passwords of 6 or less characters long, using dictionary words or having significant dates – such as an important birthday or anniversary date – within the password. Most importantly, do not reuse the same password for different logins.
How to Generate a Secure Password
A secure password is a set between 8-16 characters that contain upper and lower case letters, numbers and at least one special character ($, %, @, #, !). Following these guidelines will ensure that your passwords are secure.
To further help you improve your password strength, here are some of the best practices:
- Audit Your Passwords. Audit your passwords every 2-3 months to ensure that all your passwords consist of random combinations of letters, numbers, and symbols or unrelated phrases.
- Change Weak, Compromised or Recycled Passwords First. These passwords are the most vulnerable and most likely to cause issues.
- Prioritize Your Sensitive Accounts. Bank accounts and other accounts with highly-sensitive information should be prioritized when updating your passwords to more secure ones.
- Multi-Factor Authentication Is Your Best Friend. This means that to access an account, anyone attempting will face a more extensive authentication process than simply entering a password. This is best for sensitive accounts, but use it with any accounts you can.
- Updating and Auditing Passwords. You should audit and update your passwords at least a few times per year, it will take some time so set aside time for yourself to make sure it’s done correctly.
Generating secure passwords, auditing them and memorizing them can be hard and time-consuming. The use of a password manager can be very helpful in achieving secure passwords across all your online accounts. A password manager will not only help you generate secure passwords, but it will also store the passwords in an encrypted vault so you can securely access them without having to memorize them.