When creating an account on a website such as Facebook, Twitter or even Gmail, you are usually required to create a password. The password, along with the account name or ID, is what you use to access your account whenever you want to log in. However, using a weak password can result in someone else hacking your account and stealing your information. So this raises the question: which type of password would be considered secure?
In this comprehensive guide, we will explain the anatomy of a good password and how it relates to security on the Internet. Aside from that, we will shed some light on the dos and don’ts of creating a password as well as different ways you can protect yourself from password theft. By the end of the article, you will know how to create a secure and strong password to use on any website.
What is a Password?
Before we explain what is considered to be a secure password, let us first shed some light on what exactly a password is. Simply put, a password, otherwise called a passcode, is a string or combination of characters that is used to verify a user's identity during an authentication process. This means that without entering the right password for a particular platform or system, you will not be granted access to it.
A password does not necessarily have to be an actual word. As a matter of fact, it can be a combination of digits, letters and other symbols. If the characters permitted in a password are constrained to only digits, then it is referred to as a Personal Identification Number (PIN). On the other hand, if the password includes spaces and its length is more than a random string of letters, then it is considered to be a passphrase.
What is a Weak Password?
Now that you understand what a password is, what then can be considered a weak password? A weak password is any password that can be detected easily by both humans and computers. Weak passwords are usually obvious strings or combinations of characters that are easy to remember and guess. To keep your account on any website or platform secure, you need to make sure that your password is not a weak one.
But why would an online platform or any system allow you to use a weak password in the first place? The reason is for the ease of users. This way, users can use combinations of letters, digits and symbols that they can remember easily. However, with the advancement in technology as well as the high rate of password theft, many platforms now enforce password complexity and will not accept any password that is considered weak.
Which Type of Password Would be Considered Secure? – Common Pitfalls and Mistakes
In this section, we will talk about some common pitfalls and mistakes that people make when creating a password. One of the most common mistakes is to use the default password. Doing so exposes you to the risk of an attack because such a password is usually public knowledge. Another common pitfall is using derivatives of your name, the name of your pet or that of a family member. These kinds of passwords are easy to guess and are considered weak.
You should also avoid using the same password across multiple platforms and websites. Doing so exposes you to greater risk: if the password is cracked on one platform, it is effectively cracked on every platform where you used it. Additionally, you should avoid saving your passwords in the browsers on your system, as an attacker only needs to gain access to your system to reveal all your stored passwords.
Password Hacking Tools
There are several tools that hackers use to sniff and steal passwords. These tools are generally referred to as password hacking tools. Two of the most popular password hacking tools are Hydra and John the Ripper. Hydra is basically used for password guessing by working with a reasonable password list that is provided by the attacker. As for John the Ripper, it takes the encrypted form of a password, also called a hash, and tries to recover the actual string from it.
Common Password Attacks
Just the same way there are several password hacking tools that attackers use to steal or guess passwords, there are also several kinds of password attacks. The six most common types of these attacks are dictionary attacks, brute force, traffic interception, man-in-the-middle attack, keylogger attack and social engineering attack. Regardless of the type of password attack, the goal is always the same – to get access to an account or platform without being an authorized user.
The weaker your password is, the easier it will be to use most of these attacks as well as hacking tools to steal or bypass it. So in order to make it almost impossible for an attacker to steal your password, it is essential that you make it a strong one. Additionally, do not forget that using the same password on multiple platforms can open you up to more risks, so you should avoid doing so.
Protect Yourself Against Password Theft
The internet is filled with risks, and you need to be very cautious about what you do when surfing this great invention of the 20th century. You should not open files or links from untrusted sources, as they may come from an attacker trying to steal your password. Aside from that, you need to be wary of the USB drives that you insert into your computer, as some of them might carry code or software that can sniff out your activities.
You should also make it a habit to log out of websites and devices once you are done using them, because an account left logged in can be used to steal your private data. Another thing you should avoid doing is writing your password down. However, if you must do so in order not to forget it in the future, you should make sure that you keep it somewhere only you can access.
What Makes a Good Password?
Creating a good and secure password is not as difficult as most people think. There are just some key aspects that you need to take into consideration. First, a strong password is usually longer. This is because the longer the password, the more difficult it is to bypass. Besides that, a secure password is a mix of upper case and lower case letters along with digits and symbols that have no connection with your personal information or any dictionary word.
When including symbols in your password, it is advisable to refrain from using “<” and “>”, as they may cause problems for a web browser, which may interpret them as a line of programming code instead of characters of your password. In terms of length, the standard minimum length of a good password is 8 characters. You should also ensure that you do not use memorable or sequential keyboard paths, and avoid common substitutions such as changing “Morsecode” to “M0RS3C0D3”.
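The rules in this section can be turned into an automated check. The following Python sketch is an added example, not part of the original article; the word list, keyboard rows, substitution table and function names are constructed for illustration, and a real check would use a much larger word list.

```python
import re

# Constructed sample data (assumptions): a tiny word list and keyboard rows.
COMMON_WORDS = {"password", "morsecode", "welcome", "dragon", "letmein"}
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"]
# Undo common substitutions so "M0RS3C0D3" is compared as "morsecode".
UNLEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                        "7": "t", "@": "a", "$": "s", "!": "i"})


def has_keyboard_path(pw, run=4):
    """True if pw contains `run` neighbouring keys of one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            if any(seq[i:i + run] in low for i in range(len(seq) - run + 1)):
                return True
    return False


def check_password(pw, personal=()):
    """Return the rules from this article that pw breaks (empty list = none)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    classes = {"upper case": r"[A-Z]", "lower case": r"[a-z]",
               "digit": r"[0-9]", "symbol": r"[^A-Za-z0-9\s]"}
    for name, pattern in classes.items():
        if not re.search(pattern, pw):
            problems.append(f"no {name} character")
    if "<" in pw or ">" in pw:
        problems.append("contains < or >")
    if has_keyboard_path(pw):
        problems.append("keyboard path or sequence")
    # Check the raw form, the de-substituted form, and both with non-letters removed.
    forms = {pw.lower(), pw.lower().translate(UNLEET)}
    candidates = forms | {re.sub(r"[^a-z]", "", f) for f in forms}
    if any(word in c for c in candidates for word in COMMON_WORDS):
        problems.append("based on a dictionary word")
    if any(p.lower() in c for c in candidates for p in personal if len(p) >= 3):
        problems.append("contains personal information")
    return problems
```

Calling `check_password("M0RS3C0D3")` reports the dictionary word despite the substitutions, which is why such swaps add little protection.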
Use Great Tools to Your Advantage
One of the common issues that people have when it comes to creating strong passwords is remembering them. And since it is quite risky to write down all your passwords on paper for fear that it may get into the wrong hands, you may want to consider using some tools and technology to your advantage. There are numerous secure and great password managers available that you can install on your device to safeguard your passwords and most of them support autofill.
Install an Antivirus
You may have heard it before: installing antivirus software is a must. It helps protect you against different kinds of attacks and viruses. Thus, as you create secure passwords for your different online platforms, you need to make sure that your devices, whether computers, smartphones or tablets, have an antivirus installed on them. You should also make sure that you update the antivirus from time to time, as hackers create new viruses each day.
Secure Password – Good Practices
Even after creating the most secure password, you should not leave it at that. You should ensure that you change your password periodically. Using the same password for a long time can still open you up to risks. To understand why it’s important to change passwords frequently, consider this scenario. An attacker can carry out a brute force attack on your password that may take 40 days to complete. If you do not change your password before then, such an attack will be successful.
Whenever possible, it is also recommended that you use multi-factor authentication. This is simply an authentication method that requires you to present two or more pieces of evidence before you are granted access. With multi-factor authentication, you can use your password and still require the platform or website to send a code to your phone or email before you can be given access. This way, your account is safe even if your password is compromised.
So far, we’ve explained all the things you need to know about creating a secure password in this article. Remember that your user name or ID and password are what grant you access to your accounts on many platforms and websites, so you should make sure that your password is secure. Always create a password that is lengthy and consists of upper case letters, lower case letters, digits and symbols. Additionally, avoid using passwords that are easy to guess.
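The password-plus-code flow described above can be sketched from the website's side. This Python code is an added example, not taken from any real platform; the class name, the 5-minute lifetime, the 3-attempt limit and the use of PBKDF2 for the stored password are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300      # seconds a code stays valid (assumed value)
MAX_ATTEMPTS = 3    # wrong codes allowed before the code is discarded (assumed)


class TwoStepLogin:
    """Password check followed by a one-time code delivered out of band."""

    def __init__(self, password, clock=time.time):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = self._hash(password)
        self.clock = clock
        self.pending = None   # [code, expires_at, attempts_left]

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 200_000)

    def start(self, password):
        """Step 1: verify the password; return the code to deliver, or None."""
        if not hmac.compare_digest(self._hash(password), self.pw_hash):
            return None
        code = f"{secrets.randbelow(10**6):06d}"
        self.pending = [code, self.clock() + CODE_TTL, MAX_ATTEMPTS]
        # A real service sends this to the phone or email, never to the browser.
        return code

    def finish(self, code):
        """Step 2: accept the code once, before expiry, within the attempt limit."""
        if self.pending is None:
            return False
        expected, expires_at, _ = self.pending
        if self.clock() > expires_at:
            self.pending = None
            return False
        if hmac.compare_digest(code.encode(), expected.encode()):
            self.pending = None          # single use
            return True
        self.pending[2] -= 1
        if self.pending[2] <= 0:
            self.pending = None          # too many wrong guesses
        return False
```

Someone who knows only the password gets past `start` but not `finish`, because the code expires, works once, and is discarded after three wrong guesses.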