Previously we discussed software piracy, email spamming and phishing. Today we delve into Password Theft and how to avoid it.
Let’s be honest. We all make it easy for hackers. 80% of cybercrime is down to poor passwords and human errors in protecting them. Not only are we bad at looking after our passwords, but 60% of us retain the same password across many accounts.
A breach in Yahoo’s data highlights just how poor our passwords can be. The most common codes used by their employees were…
- Password
- Ninja
- 123456
- Welcome
But why do we use such simple passwords when there is so much at stake? Many companies enforce the policy that you memorise your passwords. As a result, we choose passwords that are easy to remember and use the same simple password across a range of accounts.
But while a simple password may be easily memorised, these passwords are the most enticing to a hacker. Passwords are the only thing between you and your life savings, your public image, or your family’s privacy. They are worth spending time on.
Passwords should be as complicated as you can humanly make them.
- First. Make them long. With the right tech a hacker can make over 1000 guesses in a mere second. A short password can take less than an hour to put through the system and decode. The longer the password, the harder it is for the hacker. An 8-character common word takes, on average, 52 seconds to hack. But, a 5 uncommon word password with numbers and symbols included, is predicted to take 12 million years for a machine to decode.
- Second. Do not use a word found in the dictionary. Fictitious words, or words broken up with numbers and symbols, are the best. But do not simply replace ‘O’ with ‘0’ or ‘S’ with ‘5’. If you know a trick you can be sure that a hacker knows it too…and then some. Use symbols and numbers sporadically throughout the text to break it up.
- Third. Create a different password for each of your accounts. Use strange sequences no hacker will be able to predict.
But how do you memorise all this?
Well, you don’t. When it comes down to it you have to decide between three options.
1. Use a piece of software that is specifically designed to store your passwords securely in one place. That way you can be as imaginative and varied as you like. The key really is not to leave a tidy little document entitled ‘Passwords’ on your computer. Never do this.
2. No one can hack good old-fashioned parchment. Does a hidden scrap of paper pose a greater threat than a simple, easy to decipher passcode used for your entire online identity?
Equally, do not list of all your passwords on the same piece of paper. Divide them up. Colour code them. Make it hard in case anyone does go snooping.
3. Scrap passwords altogether. Use something you can’t forget or leave at home. Your body. Yes, this may be the expensive option. But voice, iris scanning, DNA, fingerprint and facial recognition cuts out the issue of having to remember passwords in the first place.
In this day and age complete security is not a possibility. You just have to work out which method you trust more.
Get creative with your passwords. Train yourself and train your staff.
