Let's Talk About the Length of Your Passwords

The password system is no doubt the leading form of authentication these days, but specialists suspect that it is doomed to die in the upcoming decades due to being not secure enough. According to Chad Holmes, passwords are the main reason why companies are shaken by massive data breaches these days: “most of the breaches we see in the news come down to basic security hygiene.” The same applies to ordinary Internet users as well. They still tend to set weak passwords like 123456 and qwerty for their accounts and, as a consequence, cyber attacks are still common.

As research conducted by Troy Hunt has shown, 86% of passwords used have already been leaked in data breaches and are known well to cyber criminals. Since passwords are still widely used and are not going to disappear in the nearest future, it is very important that we ourselves pay more attention to their strength and complexity in order to secure our private information. Adding a few additional characters or special symbols might be enough to improve password security, so stop procrastinating and change all your passwords today. You will considerably improve your security by doing so.

Why do people still use weak passwords when they know that they can protect them against sophisticated cyber attacks? Well, first of all, they do so because service providers let them. Well-known service providers like Google, Facebook, Yahoo, Amazon, Twitter, and Instagram do not allow users to set passwords shorter than 6-8 characters in total; however, some operators accept shorter passwords too. For example, Wikipedia allows setting 1-character (!) passwords. A simple 7-character password abcdefg can be hacked within .29 milliseconds, so we can only imagine how easy it is to crack a 1-character password set by the user. Hackers do not even need to use advanced hacking tools to hack short passwords. They simply use a brute-force attack, i.e. try out all possible combinations until they find the working one that unlocks the account.

There is one more reason people still tend to set weak passwords – they simply cannot remember long and complex passphrases they are supposed to use to secure their personal information from prying eyes. Also, they have too many accounts these days. For example, one Internet user had an average of 7.6 social media accounts back in 2017, so the number must be even higher in 2018. People say that they are tired of being locked out of their accounts at the worst possible time, i.e. when they need to access them badly, so they either set a simple password or they reuse the same password for years and across multiple accounts. As a consequence, when this password ends up in cyber criminals’ hands one way or another, all users’ accounts get hacked in no time. Usually, users find out that they have been affected by a cyber attack when it is already too late to change anything, i.e. when hackers already have private information in their hands and make crooked plans on how to make use of it.

If you have found your password in the worst password list issued by SplashData, it means that your cybersecurity is in danger. You must change your passwords today to prevent security and privacy-related problems that will definitely arise sooner or later if you do not do anything. First of all, make sure your password is long enough. “How long should a password be?,” you may ask. Well, security specialists say that a secure password cannot be shorter than 8 characters in total, but you will no doubt improve your password’s strength even more by going up in characters. In some cases, it might be quite complicated to come up with a long secure password. Luckily, password managers exist.

One of the trusted free password managers is Cyclonis Password Manager. It will generate a strong password of a desirable length automatically in the blink of an eye. You just need to access its Password Generator (Tools>Password Generator) to generate and copy a complex password for your account with a single click. You could decide upon how long a password should be (4-32 characters), choose its type (e.g., Letter, Numbers, Symbols), and you could see for yourself its complexity in percentage at the bottom of the window. That is not all. Cyclonis Password Manager will keep all your login/password combinations for saved websites encrypted in a secure vault, and it will even enter them for you into the login form. Password typing by hand is a thing of the past. You will see for yourself that generating a new password automatically using a password manager saves a great amount of time.

Bonus Tip: if you have a browser extension representing Cyclonis Password Manager installed on your browser, you can access Password Generator by clicking on the blue icon next to your web browser’s URL bar and selecting Generator.

Hacking methods used by cyber criminals are becoming more and more sophisticated, so modern authentication system is much more than comparing 2 items, i.e. a password and a username that must match to provide access. More and more service providers offer two-factor (2FA) or multi-factor (MFA) authentication to add an extra layer of security to users’ personal accounts. As Troy Hunt describes it in his blog post, 2FA is now “a mass-market security control we have access to on all sorts of services that didn’t have it even just 5 years ago.” Does the service you use offer 2FA or MFA too? If so, you must enable it ASAP to make sure cybercriminals cannot access your private information in the unfortunate event of a hacked password. You will considerably improve your virtual security by doing so, we can assure you that.

Passwords are like barricades that keep us away from danger, so the first thing you should do when you decide that the time to improve your virtual security has come is to increase the strength of all the passwords you use. Make sure that they are complex and long enough. You should entrust this job to a password manager to generate a really secure password; however, if you decide to come up with a new password yourself, make sure it consist of symbols, letters (both upper and lower-case), numbers, and special characters.

January 11, 2019

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as is:
What is 2 + 7 ?