One would think that with the endless news of hacked emails, data breaches, and socially engineered political campaigns across the globe, people would be more vigilant with their internet habits, particularly because of artificial intelligence and data mining.
And yet 2018 featured some of the worst password habits in the history of passwords.
The latest installment of SplashData’s (via Gizmodo) annual list of most commonly used passwords revealed that four of the top five most commonly used passwords were variations of 123456789, with the remaining top password being — ironically — password. 2018’s most popular passwords ranged from the mundane (football, sunshine, qwerty, donald) to the downright unimaginative (111111, 123123), and, as a result, in the past year, an estimated 12 billion records worldwide were compromised.
Juniper Research estimated that around half of the breached data comes from the United States, a claim substantiated by a 2018 online survey by the Harris Poll. It found that almost 60 million Americans have been affected by identity theft. For the first time in history, there were more stolen social security numbers than stolen credit cards. Javelin Strategy succinctly stated the situation in their 2018 Identity Fraud Study, which revealed four significant trends:
- Record-high incidences of identity fraud;
- The rise of account takeover fraud;
- Intensified card-not-present-fraud attempts targeting online shoppers; and
- The growing sophistication of online attacks.
These alarming figures only magnify how crucial it is to adopt a contingent attitude towards cyber and personal security, especially when it comes to one of the most ubiquitous forms of digital security of all: passwords.
Here are some tips on how to create a strong password:
Avoid dictionary words
Password cracking tools are very effective at processing letter and number combinations, particularly those that already exist as a string, which dictionary words are. Dictionary words can be difficult for people to figure out but should be a piece of cake for brute force attacks. The same can be said true for dictionary words that are typed out backwards.
No personal information
This is a common mistake because people often fail to realize that some information can already be gleaned from their publicly accessible online data alone, such as their email address. The frustrating aspect about passwords is that they need to be easy enough to remember for users, which leads to people incorporating personal information such as their birthday, their pet’s name, or their middle name into their passwords.
Your password should not include anything remotely related to your username, your actual name or , nickname, or the name of your spouse or another family member. It also should not contain any easily recognizable string of numbers such as your phone number or vehicle plate number, as these could be guessed by someone who knows you, or even by someone who intercepts or steals your mail.
Length, width, depth
The key to making a strong password is making it complex, which is dictated by three factors: length, width, and depth. First off, longer passwords will always be more difficult to crack because each additional figure makes the combination probability larger, which will take more time to crack with brute force.
Width refers to the different types of characters utilized. Most passwords are confined to the alphabet and numerals, which is a large enough pool of characters on its own. However, case sensitivity and the availability of special and alt characters expand the options further.
Lastly, depth refers to selecting a password that has a challenging meaning, something that makes it very difficult to guess. A good password should be easy to remember but hard to guess. One reliable technique is by using types of mnemonic phrases, such as those spelled out phonetically instead of the conventional way, or by using the first letters of a short speech by a famous person.
Regular changing
All passwords should be changed regularly because some brute force attacks take place over a prolonged period of time. Keeping your password for an extended period gives the hacker time to hit the correct combination. Changing your passwords regularly helps eliminate that possibility.
Between your improved password habits and Arnet Technologies’ cybersecurity services, together we can make your network impenetrable. Contact us today for your free Risk Assessment.
