Most of us have accounts on more than 50 different websites - and many even on more than 100. But because it's impossible to remember 50-100 different passwords, many of us will typically use the same password for several different sites. However, this is a really bad idea, especially if your passwords aren't very advanced or unique either. In this article, we'll take a closer look at what you can do to strengthen your passwords, as well as some general dos and don'ts besides awareness training.
What is not a strong password?
A weak password is typically short and easy for a hacker to guess. NordPass has compiled a list of the 200 most frequently used passwords globally in 2021, of which the 10 most frequently used are listed below. Perhaps it includes one or more passwords of your own?
As the list shows, many people choose passwords consisting of numbers that are next to each other on the keyboard, making them easy for a hacker to crack. Hackers will typically start by trying out the most common passwords in an attempt to force their way into your accounts.
Besides a weak password, another pitfall is that many people use the same password for accounts on different sites. Most people typically have the same username for all their accounts, so the danger of using the same password on multiple sites too is that a hacker can easily gain access to all your accounts. You might be wondering, how would someone ever get your password? Unfortunately, the likelihood is that someone already has it. There's a chance that one of the companies you've set up a profile with has been hacked, and that the hackers have stolen your login details and those of others. Even if login details are encrypted in hashes, the encryptions can be decrypted.
This is also where the length of your password and how advanced it is play a role. It takes longer to decrypt a long and advanced password than a weak one. Although it's almost all about computing power, a long and complicated password can take up to a year to decrypt, while a weak password of 8 characters can be cracked in less than an hour.
Fortunately, there are some relatively easy security measures you can take to make it more difficult for hackers to force their way into your accounts.
A strong password helps you ensure that your or your company's private information doesn't fall into the wrong hands. Below, we offer our best advice for creating strong passwords that increase your cyber security.
Make advanced and long passwords
Strong passwords are defined by
- being a minimum of 12 characters, preferably more
- consisting of both upper and lower case letters, numbers and special characters
- being unique, unusual and difficult to guess
You can come up with a rule of thumb to help you remember long passwords, for example your password could be a phrase like 55 birds fly high in the sky (28 characters) or be based on a name like KARL - KittensAreReallyLikable (23 characters). By making up your own advanced passwords and remembering rules, you make it easier for yourself to remember and harder for a hacker to guess your passwords.
Never use the same password on multiple sites
When you use the same password on several different sites, accessing one of your accounts can quickly give the hacker access to all of your accounts.
In particular, make sure you have high security on your email account. Never use the same password for your email as you do everywhere else. This is because you can reset most passwords through your email, so if you lose control of your email, you can lose control everywhere, even if you vary your passwords. In general, make sure your important accounts are particularly well protected.
Of course, we also stress that you should never use the same passwords in private as you do at work.
Update your passwords regularly
Experts recommend that you update your passwords about every three months to increase security and keep the threat from hackers to a minimum.
Never share your passwords with others
It may go without saying that sharing your password with anyone - strangers or people you know - is an incredibly bad idea. You can make your password as long and as advanced as you like, but once you share it with others, it's no longer worth much. Your password should always be private.
Use two-factor or two-step authentication where possible
Multi factor authentication is always a great idea to add to anywhere it's possible, as it adds an extra layer of security to your account. This is because it means that the hacker will also need to get hold of your mobile phone, for example, to log into your account, as two factor authentication means that you will get a text message with a new code to be entered after you have entered your regular password.
In case someone tries to access your account from another device, you will quickly detect it with two-factor authentication as it triggers a new SMS code to your phone.
Use a password manager to keep track of your passwords
Password managers are another option that is becoming more common around the world. A password manager makes sure you have a unique and random password for all your accounts. Password managers also allow you to avoid having to remember all your passwords in your head apart from the password for your password manager, which of course needs to be long and unique.
We hope our advice has given you food for thought and made you want to make your passwords more advanced. Strong passwords can be a defence against hacker attacks and a simple way to boost your cyber security - so get started right away!
Emilie Hartmann is a student and copywriter at Moxso, where she is a language nerd and always on the lookout for new and exciting topics to write about. She is currently doing her Master's in English, where she is primarily working in the fields of Creative Writing and Digital Humanities.