Passwords are a ubiquitous part of the digital age. They are the digital keys to our networks of friends, our work colleagues, and even our banking and payment services. While some cybercriminals may want to hack into our social networking or email accounts, most want the financial gain that hacking bank accounts can bring. After many years working in the IT industry, I have found that one of the biggest complaints I receive is about the inconvenience of having to change passwords regularly and the number of passwords that a user needs to remember. Surprisingly, the same complaints are made by those who display poor password security habits, such as using the same password everywhere or using obvious tricks to satisfy the requirements, such as simply adding or changing a number at the end of their original password.
Password security is one of the critical problems in cyber security today. Many people are relaxed and would rather set an easy-to-remember password than protect their valuable information and money. All a hacker needs is your user ID (for example, [email protected]), and in a matter of minutes they can be invading your bank account or employee email account. You can go to the site https://howsecureismypassword.net to find out how long a hacker would take to hack your account. You will be surprised at the results. In the example below, I have used a pet's name and some numbers.
Here are some password security tips on what you should and should not do regarding passwords.
Create a difficult-to-guess password – All user-chosen passwords must be difficult to guess. Words in a dictionary, derivatives of user-IDs, and common character sequences such as “123456” must not be employed. Likewise, personal details such as spouse’s name, vehicle license plate and birthday must not be used unless accompanied by additional unrelated characters.
Contain as many characters as possible – longer is better, although some websites do have a limit: Passwordisreallyreallylong! is better than short1
Include uppercase and lowercase – mix it up a bit, not just the first letter: ITSnotTOOhardTOMIXTHECASES!! is better than Generic1
Include a number and/or symbol – Again, mix it up a bit. Don’t put the number or symbol at the beginning or the end: ADDSOMEsymbols$$HERE&THERE is better than Symbol$
Include multiple words – Multiple words are easier to remember than a string of random symbols, numbers, and letters: PASSphrasesarewhatyou#WANT244 is better than Password1
Skip commonly used themes – such as birthdays, anniversaries or names of loved ones and pets. If someone knows you personally, they are halfway there.
Never contain the name of a family member, friend, or pet – Father1950, Lucy98, Rexy1
Never contain the name of your town, or street address – Gympie2810, 31SmithST
Turn letters into numbers and symbols – Replacing a few letters with numbers, misspelling words, or using acronyms and abbreviations is a great trick to make your password more unique, e.g. 0 instead of o, 1 instead of l, $ instead of s. For example, Daniel can then become [email protected]!
Never contain only a single word – Single dictionary words are the worst passwords you could choose. A cybercriminal attempting to log into accounts is going to access the accounts with the simplest passwords first. If your password can be found in a dictionary, your account will get compromised first.
Play with your keyboard – Some passwords just don’t flow well. You can use your keyboard as a blank canvas and craft a new password from a pattern of keys.
Passwords must never be reused – never construct passwords that are identical or substantially similar to passwords that have been previously employed.
Protection of passwords sent via email – Just like credit card details, never send login credentials via email.
Never share passwords – Regardless of the circumstances, passwords must never be shared or revealed to anyone else besides the authorised user.
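As an added example (not part of the original article), the Python sketch below checks a candidate password against several of the tips above: length, single dictionary words, common sequences, user-ID derivatives, personal details, and similarity to a previous password. The word list, the 12-character minimum, the function names and all sample values are assumptions constructed for illustration.

```python
import re

# Constructed sample data; a real check would load a large word list.
COMMON_WORDS = {"password", "generic", "symbol", "short", "welcome"}
COMMON_SEQUENCES = ("123456", "qwerty", "abcdef", "111111")
# Swaps named in the tips (0/o, 1/l, $/s) plus @/a and 3/e (assumed additions).
SWAPS = str.maketrans("01$@3", "olsae")
MIN_LENGTH = 12  # assumption: the tips only say "longer is better"


def base_form(password):
    """Drop leading digits and trailing digits/symbols, lowercase, undo simple swaps."""
    core = re.sub(r"^\d+|[^A-Za-z]+$", "", password)
    return core.lower().translate(SWAPS)


def weaknesses(password, user_id="", personal=(), previous=()):
    """Return the list of tips the candidate password violates."""
    findings = []
    base = base_form(password)
    if len(password) < MIN_LENGTH:
        findings.append("short")
    if base in COMMON_WORDS:
        findings.append("single dictionary word")
    if any(seq in password.lower() for seq in COMMON_SEQUENCES):
        findings.append("common sequence")
    uid = user_id.split("@")[0].lower()
    if uid and uid in base:
        findings.append("derived from user ID")
    if any(p and p.lower() in base for p in personal):
        findings.append("personal detail")
    # Changing only the number at the end leaves the base form unchanged.
    if any(base_form(old) == base for old in previous):
        findings.append("similar to previous password")
    return findings


if __name__ == "__main__":
    print(weaknesses("Password1"))
    print(weaknesses("Gympie2810", personal=("Gympie",)))
    print(weaknesses("BlueKettle#Drum8", previous=("BlueKettle#Drum7",)))
    print(weaknesses("PASSphrasesarewhatyou#WANT244"))
```

Run such a check at the moment a password is set, since previous passwords should be stored only as salted hashes and cannot be compared afterwards.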