How to create strong passwords to protect your accounts
This might even sound like a broken record. After all, anyone who has been on the Internet long enough has certainly read about the importance of creating a strong password and has probably changed their passwords several times. However, the tools and strategies used by criminals are always evolving, so keeping abreast is very important to protect your digital life.
Why is having a strong password so important?
Nowadays, it is virtually impossible to separate our online life from the offline one. All of our data, personal information, banking credentials, and even private photos are stored on devices that are connected to the Internet or on some cloud storage service.
This means that if someone accesses your email, they will find a relatively open path to all your other accounts and most sensitive data.
Why is protecting ourselves becoming more and more difficult?
Until recently, it was believed that all we had to do to create a strong password was to choose an easy word to remember and replace some of the letters with numbers or special characters – “p4s$w0rd” instead of “password”, for example. This was because attacks on emails and personal accounts were almost always manual and unsophisticated.
Nowadays, however, the range of strategies and tools that help cybercriminals discover passwords has become much wider. Let's take a look at the main types of attack.
Brute force attack
In this type of attack, the attacker attempts various combinations of symbols, numbers, and letters until they find the sequence you chose.
This attack can be carried out manually or with the use of advanced tools, which automate the process, by testing a series of letters, numbers, and special character combinations, until the password is discovered.
In addition to requiring increasingly longer and more complex passwords, these technologies allow criminals to invade a large number of accounts in a short time.
Dictionary attacks
This type of strategy also tries to match characters until it finds the correct password. The difference is that the combination attempts use an organized list of words, as in a dictionary.
Therefore, passwords that combine words that have some logical association with each other are more easily discovered.
Phishing
In phishing, criminals pretend to be trustworthy, usually posing as a respected company or even someone you know. They can make a call, send text messages, emails or social media messages, or use fraudulent apps, websites, and social media profiles. By manipulation, they try to obtain access to your data.
The tip to avoid falling for this type of scam is always to be attentive to the tone of the message. At the slightest sign of doubt, do not provide information, download files or click on links. Then contact the company through its official communication channels.
What are the characteristics of a secure password?
In light of all these strategies and technologies that are easily available to criminals, what are the characteristics of a really strong password?
In a nutshell, a strong password must meet the following requirements:
-
Unique passwords: Never use the same password for more than one account. So, if one is compromised, you know that the others will remain protected.
-
At least 12 characters long: As cyber attacks use more and more automated software, it is very important that passwords are long, making it difficult for criminals to discover the character combination.
-
Avoid using personal information: Do not use information that others know or can easily discover, such as your last name, initials, address, or the names of relatives and pets.
-
Avoid word patterns: Very simple words or words that follow a pattern are simple to guess. So, avoid things such as qwerty, 1234, mypassword, welcome…
What should I do from now on to protect my accounts?
Now that you know the strategies and software that cybercriminals often use to discover passwords, and the characteristics of a strong password, let's get down to business.
Follow the steps below to make sure your accounts are as secure as possible, and that you won't have a problem with invasions — nor forget your passwords!
-
Find out if any of your passwords has been compromised: Visit https://haveibeenpwned.com/, enter your email in the search field, and find out if your password has been leaked at some point.
-
Use a password generator: There are many free software packages that can create automatic passwords for you. They are long and combine a series of characters at random.
-
Use a password manager: They help you save the passwords to apps and websites you've generated or created. Many already have a built-in password generator. This way, you avoid writing down these passwords in unprotected places and having to rely on your memory.
By following these tips, you can rest assured that the chances of someone invading your digital accounts will be much lower!