Many users are unaware of how far-reaching the consequences are when a single password is spied on or successfully guessed. Think of confidential business documents or additional passwords for other services that have been sent to you via email. This information, which an attacker can get hold of by looking through your private documents, can open the door to misuse. Of course, it can be tedious to make every password as secure as possible and to remember a separate one for each service. We will show you how to set up secure, easy-to-remember passwords with the right strategy.
People speak of authentication when they need to be sure that somebody really is who they claim to be. This is a major challenge in the online world, and passwords have long been a common way of achieving it. But all this is of little benefit if “weak” (easy to guess) passwords are used. Many attackers are aware of this, and so are the malicious programs they develop and use. These programs keep trying out passwords until they finally guess the correct one (a so-called “brute force” attack).
Many users employ passwords that relate to personal information, such as their birthday, to make them easier to remember. Attackers know this as well. They can also work out other popular memory aids such as the names of pets or partners without too much effort.
If a powerful computer that can test 1,000,000 passwords a second is used to hack a password, an 8-character password consisting of capitals, lower case letters, numbers and special characters can take up to 29 years to work out (as of 2016). Under the same circumstances, a 5-character password is guaranteed to be hacked within 26 minutes!
Generating a good password is a science in itself. There are countless security factors and possibilities that have a bearing on this subject. At this point we should provide you with a couple of simple principles.
Many applications enable the password to be stored for reasons of convenience. Avoid doing this where possible. It is not always guaranteed that the password is stored in a secure, encrypted form. Many programs store passwords on the system in plain text, unencrypted, making it easy for attackers to read them. Find out how the software you are using works before trusting it with the storage of your access data. As a rule, good password managers meet these minimum requirements.
If you understand and apply the above tips, you will meet the requirements for strong passwords. But the security of this access data is not only dependent upon that.
You should check whether your data have been found during a cyber attack and published on the web. The Hasso Plattner Institute offers a trustworthy service for this.