Thinking of changing your password? Should you move on from ‘123456’? On the basis that it is better to be safe than sorry, an expert group have provided some guidance for Digital Journal readers on safe and effective password management.
With people sharing an ever increasing amount of information online, passwords are one of the most important things individuals need to consider when keeping themselves safe. It has been estimated that 80 percent of hacking incidents are caused by weak or compromised passwords.
The guidance comes from U.K.-based domains and hosting provider Fasthosts. From the information, four messages are apparent and these take the form of useful tips for keeping each password under a virtual lock and key.
Try passphrases
Passwords are important for keeping accounts secure. However, passphrases are the next level up. Where a password may be a word or sequence of characters, a passphrase combines multiple words to create a complex form of authentication.
This makes passphrases easier to remember, but also makes them much more difficult for people or bots to crack.
A strong passphrase should contain at least 15 characters, and ideally include a mix of letter cases, numbers and special characters. It is useful to select an obscure mix of words.
For example, this could include one word that is in a different language, or the name of a historical monument followed by the title of a song.
Avoid real words to combat dictionary attacks
When an individual uses words in their password, it becomes easier to guess and also vulnerable to a dictionary attack. A dictionary attack uses automated software that systematically tries every word in the dictionary, in various combinations and permutations, until it finds a match with the correct password. So by completely eliminating real words from your password, this means dictionary attacks will be less likely to succeed.
For those who need to include memorable words on their password, there are a couple of things they can adapt to make their password safer from dictionary attacks.
- For example, substituting parts of a word for different letters, numbers or special characters. However, characters such as “!” for “i” and “@” for “a” will be easier to crack.
- Try to avoid commonly used words like “birthday” or “password”, as most password cracking software will test these first.
The sentence method
The sentence method and is a way of creating a memorable password that is also difficult to crack. The method involves taking a sentence and breaking it down into a password. For example, “Big Baby from Toy Story 3 is my all-time favourite cartoon character” could be transformed into “BiBafrToSt3ismyal-tifacach”. It may seem complicated on paper, but when it can become easy to remember if it is based on something important.
Muscle memory
If a user has passwords that are used regularly, then their muscle memory will begin to make logging in much easier.
When creating or changing a password, make it as secure as possible, but also ensure that your hands feel comfortable when typing it. If it feels awkward to type, consider choosing a different password. One way to do this is by using a password generator, and practising typing different passwords until one of them feels comfortable to do so.
In addition to the traditional password, many modern accounts are using two-factor authentication, which means you will have to verify your identity via text, email or a different device. This adds an extra layer of security to your online accounts, as even if someone guesses your password, they need a second form of authentication to access your account. Multi-factor authentication (MFA) utilises more than two forms of authentication, which is suitable for accounts which store incredibly sensitive information. MFA reportedly blocks over 99 percent of all cyberattacks.