Each day, our lives become more inseparable from the internet; we email instead of call, we stay in touch with social media, we shop online, bank online, etc. And each of our online accounts requires a password. We all know that choosing a strong password is important for internet security, but nonetheless many of us opt for weak passwords simply because they are easier to remember and keep track of. While it is inconvenient to create very strong passwords, the potential fallout from having your accounts hacked will be much more inconvenient. Don’t worry; after reading this article, you’ll be a pro when it comes to knowing whether a password is strong, and we’ll give you a handy secure password generator to take some of the guesswork out of creating a strong password.
Here are the top cybersecurity factors to make a strong password and accessing your accounts:
Depending on the hacking method used, a six-letter password, with no numbers or capital letters (“orange”, for example), may take up to 10 minutes to hack, or as little as 1 second if a fast attack hacking program is being used. By adding extra letters to our password (for example, “orangemarmelade”), it will now take months to hack, and adding numbers and special characters (“Orang3marme!ade”) will take centuries to crack, even using the most powerful hacking software. Put another way, changing “orange” to “oranges” will increase the number of items a hacking program must search through 26 times, for 26 letters in the alphabet. But substituting zero for the “o”, “0range” increases it 260 times (26 letters x 10 numbers), and “orange!” Increase it up to 8,580 times! (26 letters x 10 numbers x up to 33 special characters).
If it’s in the dictionary, it’s a real word, and it doesn’t belong in your passwords. There is an entire method of password hacking called “dictionary attack” that exploits people’s tendency to use dictionary words in their passwords.
Turn off automatic passwords, auto-login, and password storage on your web browsers (IE, Firefox, Chrome, etc.) Any password stored in this way can be hacked.
Don’t store any important passwords in the cloud, for the same reason as #7. Online storage is easily hacked into.
The standard recommendation is to change your passwords every 8-12 weeks. If you’re using a good random password generator to create strong passwords all the time and storing them safely (see #13), then changing passwords regularly is a good security measure. If, however, changing passwords often will just make you go back to weaker, easy to remember passwords, like your pet’s name, don’t bother. It’s better to have a really strong password and keep it forever than to have a new weak password every 3 months.
If your account has the option, turn on the 2-step verification. This adds an extra layer of security by not only requiring you to enter your password correctly but also entering a code that the system will send to your email, SMS text messages, mobile or landline phone. This way, even if a hacker gets access to your password, your account will still be protected because he doesn’t have access to your phone or email account