When was the last time you double-checked your passwords and any associated policies and best practices? After all, they are a key line of defense in your cybersecurity posture.
How Strong Do You Think Your Passwords Are?
While you may not have had an account hacked into because of an easily guessed password yet, that’s not to say that you shouldn’t still consider your passwords carefully. Despite the fact that passwords are the most direct way to access a user’s private information, most passwords in use today are not considered to be strong or complex enough.
Passwords protect email accounts, banking information, private documents, administrator rights and more—and yet, user after user and business after business continue to make critical errors when it comes to choosing and protecting their passwords.
We all know how frustrating it is when trying to pick a password for a new account you’re setting up and the site keeps telling you it doesn’t meet all the criteria:
- It needs to have numbers.
- It needs to have symbols.
- It needs to be a certain length.
- It can’t be the same as your last password.
And on and on. It feels like this never ends—and really, is all this fuss over passwords truly necessary?
Yes—in fact, just last year a report showed that 86% of more than 2 million breached passwords were identical to passwords that had already been breached.
How is this possible, if everyone’s passwords are long, complex and unique? Hint—they’re not.
The top 10 most common and repeatedly breached passwords in this report include:
The question is—are any of the above one of your passwords? Even if they’re not, are you making a similar error with any of your passwords?
Are Making These Mistakes With Your Passwords?
Find out for sure by considering these 4 common password mistakes:
Length and Complexity
Keep in mind that the easier it is for you to remember a password, the easier it’ll be for a hacker to figure it out. That’s why short and simple passwords are so common—users worry about forgetting them, so they make them too easy to remember, which presents an easy target for hackers.
Numbers, Case, and Symbols
Another factor in the password’s complexity is whether or not it incorporates numbers, cases, and symbols. While it may be easier to remember a password that’s all lowercase letters, it’s important to mix in numbers, capitals, and symbols in order to increase the complexity.
Many users assume that information specific to them will be more secure—the thinking, for example, is that your birthday is one of 365 possible options in a calendar year, not to mention your birth year itself. The same methodology applies to your pet’s name, your mother’s maiden name, etc.
However, given the ubiquity of social media, it’s not difficult for hackers to research a target through Facebook, LinkedIn, and other sites to determine when they were born, information about their family, personal interests, etc.
Pattern and Sequences
Like the other common mistakes, many people use patterns as passwords in order to better remember them, but again, that makes the password really easy to guess. “abc123”, or the first row of letters on the keyboard, “qwerty”, etc., are extremely easy for hackers to guess.
Ready To Put Your Passwords To The Test?
It’s one thing to skim over a list of common password mistakes and assume you’re probably still OK.
Sure, maybe that one password is based on your pet’s name, or maybe that other password doesn’t have any capitals or numbers—what’s the big deal, really?
If you feel good about the security of your test let’s put it to the test.
Click here to test how secure your password is—take a few minutes and try a few.
How’d you do?
Probably not as well as you’d hoped, right? The reality is that truly complex passwords can be difficult to come up with, and even more difficult to remember.
That’s why a Password Manager is so useful…
What is a Password Manager?
One of the best ways to maintain complex passwords is with a password manager. Password managers are the key to keeping your passwords secure.
A password manager generates, keeps track of and retrieves complex and long passwords for you to protect your vital online information. It also remembers your PINS, credit card numbers and three-digit CVV codes if you choose this option.
Plus, it provides answers to security questions for you. All of this is done with strong encryption that makes it difficult for hackers to decipher. Find out more about managers in our next blog post.
Don’t Let A Weak Password Put You At Risk
In the end, creating and using strong passwords can be frustrating, but it’s incredibly important. Privacy and security are major concerns for personal users and businesses alike these days, and so you have to be sure that you aren’t making it easy for hackers to access you or your business’ private data. Our team at Rea and Associates is always here to help and answer any additional questions you may have about the importance of strong passwords.
By Jeff Rapp, MSCE (Massillon office)