There have been a rising number of high profile security breaches of late, affecting millions of people all over the world and proving that even the biggest companies can be affected by something like data theft and password cracking.
This, along with the news that personal data traded by criminals has trebled in just two years, shows that greater measures need to be taken when it comes to creating and securing systems and this starts with passwords. Experts in the IT industry are now stating that online passwords for banking and shopping should be changed at least every two months in order to minimise risks.
Cyber criminals (and also those on the inside!) have ways of gaining login credentials, including usernames and passwords, showing just how important it is that people change their passwords regularly.
One of the most common requests for help that our IT Service Desk team receives is to reset a forgotten password. We recognise that it’s not always easy to remember them…especially if they are ‘strong’ in terms of being properly secure. So what’s the answer??
If you keep forgetting or don’t know how to craft a secure password, then you need to read on for some top tips and a handy helpful guide.
But it’s not just individuals who put themselves at risk by using weak passwords; businesses are just as guilty. This is why it is extremely important that businesses set strict password policies in the work place explaining the importance of strong passwords and how regularly their staff should change them.
Whilst educating employees is the best defence against security breaches caused by weak passwords, IT managers should also consider implementing expiry dates on passwords so that employees are forced to change them on a regular basis. This may be annoying to computer users but it is fundamental to securing IT systems.
Today cyber criminals and hackers have all sorts of tools and techniques for cracking passwords and gaining access to individuals’ personal and bank details, as well as companies’ confidential data.
One way they can do this is through what is known as a ‘brute force attack.’ This basically involves them working through different combinations of characters until they find your password. This is why it is strongly recommended that people make their passwords as long, random and difficult as possible.
Another method is called the ‘dictionary attack.’ This basically requires them to work through words in the dictionary until they find the password you have used. We recommend that you do not use correctly spelled or complete words at all.
People have a tendency to use their personal information, such as their children’s, partners, parents and even pet names as their passwords. The problem with doing this is that a hacker only has to find out this information about you (perhaps via your blog or social media pages) and they’ll have access to your information.
Some hackers also obtain passwords through a process known as key logging. This occurs when malware is unwittingly downloaded onto a user’s device that covertly captures the keys they are pressing on the keyboard. The information is then relayed to the hacker so they can determine the password and access the user’s details or in the case of a business, the network.
Here are a few tips to help you create better passwords.
Our first tip for creating stronger passwords is to use as many unique passwords for your online accounts as possible. The problem is that if you use the same password over and over again and a hacker gets hold of it, they’ll be able to do a lot more damage.
Our second tip is to ensure that your passwords always feature a wide range of characters. Make sure that they are not always letters or numbers. A strong password with feature a combination of letters, numbers and other keyboard symbols or be a “passphrase”, such as ‘thehillsarealivewiththesoundofmusic’.
Our third tip is to make sure you change your passwords every couple of months (at least). If you run a business that uses computers (which most do these days) it is important to stress this rule within your password policy to help prevent security breaches.
Avoid using birthdays, your partner or children’s name or basically easy to predict password combinations. For example if your wife is called Jill and she was born in 1963, a password Jill1963 is very easy for a hacker to guess if they have access to any of your personal information, which might be readily found online on social media.
For more information about how to create strong passwords and avoid becoming a victim of password theft, you can request and download our free password guide. This guide will teach you how to create 3-Dimensional passwords and provide tips on how you can out-smart even the most intelligent password-cracking software.
We have written it in plain-English so it’s easy to understand and have already received great feedback from clients who have followed the guide and used it to create password policies in the work place and improve the security of their systems.
Image credit: formalfallacy