If there is one thing that people around the world have been trained to do it is to create highly secure passwords. In fact, the need for 6+ digit passwords that include uppercase, lowercase, special characters, numbers, and so on, is commonplace on every platform today.
But just because we as a collective have been conditioned to create passwords in a specific manner, does that mean it's right? To put it bluntly, no it's not.
Though this may be a shock to some, simple yet longer passwords are much harder to crack than short complex ones. Here's an example. Most websites will require you to create the usual 6 to 8 digit password with the usual capitals, numbers, symbols, etc. With that, your password may come out to be something like this: PassW0rd01!
Is that actually secure? Not really. Due to habit, encouragement, and general consensus over the years of what these passwords should be and what so-called special characters should represent, hackers and the algorithms they use have been trained to know how to swap out "0" for “O," "A" for "@" and so on. And, as such, the password above is plain text to the seasoned hacker.
My advice, take a different approach to making your password far longer, yet a lot simpler. May be your favorite TV show title—in my case it would be The Big Bang Theory. Making this your password could appear as ilovethebigbngtheory. Notice I removed the "a" in the word “bang." By doing so, I’ve not only made my password longer than required, but I've also added a level of complexity that is far harder to crack.
And even though I don't use any symbols or numbers, ilovethebigbngtheory is mathematically much harder to crack due to the nature of the sentence structure, missing letter, and so on. But we can do even more. In instances where special characters can be represented by actual spaces, a simple yet highly secure password could be, "I Love the Big Bng Theory Very Much.” Again, no special characters other than spaces, but the length and mathematical complexity make it even more secure.
And if you're uncertain about how secure your password is, go to this site for a quick check: https://howsecureismypassword.net.
In addition to the lengthy yet simplified password practice, I also suggest using secure platforms such as LastPass, Dashlane, Keeper, and so on. Also known as password managers, or password vaults, these types of platforms manage all your passwords in one place, usually with a primary password to access your account. The benefit is that you can finally stray away from using one password for all your cloud and other activities. By randomizing all passwords, and adding lengthy and even sometimes weird structures, along with enabling a password vault to secure them, adds yet another layer of security to the mix.
And lastly, educate, educate, and re-educate your team members on password security and best practices. By creating new habits while simultaneously increasing the knowledge and perseverance needed for today’s digital age, your cyber resiliency will increase fourfold, keeping the bad guys at bay.
Calian Cyber Security eBook - The worst passwords of 2020
How to Avoid Becoming the Next Cyber Crime Victim
November 26, 2020 | Bill Dunnion
This is all about your employee’s stolen identity
Everything in the modern age is digital—and of course you all know that. However, most people rarely contemplate what data is circulating around out there in the ether. Take one step further down the rabbit hole and apply that to personal data...
November 24, 2020 | Vanessa Howard
Virtual, Traditional, or Hybrid EOC What do you need to achieve?
An emergency operation centre (EOC) should enable people to respond to and plan the recovery from an emergency as effectively as possible. This is true of a brick and mortar EOC, a virtual EOC, and of a hybrid model. While there are...