Let’s face it, virtual or cyber crime is on the rise, and password hacking plays a big part in how criminals can easily gain access to your online information or online accounts. In order to make it more difficult for the criminal fraternity, it’s important to adopt a strong password policy, but what constitutes a strong versus a weak password? Let’s take a closer look…
easiest passwords to crack are the short, non-complex variety with personal meaning? They contain information that can be easily found through open source intelligence such as social media channels, education information, court filings, or any other type of information that’s both easily and readily available. So a password like your dog’s name followed by the number 1 probably isn’t a good idea.
Other common weak password data includes:
- Default passwords such as admin or user
- Passwords that are under 8 characters in length
- Passwords that lack complexity such as passw0rd, 123456, qwerty1234, 1111, abc, letmein, etc.
- Reusing the same passwords for a variety of logins
- Using birthdays as the entire password, e.g. 25121970
- Utilising ! or ? as a special character and placing it at the end
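A sketch of how the weak-password patterns listed above could be checked automatically, added here as an example and not code from MA Security. The word lists and the `personal` parameter are constructed for illustration; password reuse cannot be detected from a single password, so it is not covered.

```python
import re
from datetime import datetime

# Constructed sample lists taken from the article's examples; a real check
# would use a much larger list of known-breached passwords.
DEFAULTS = {"admin", "user"}
COMMON = {"password", "123456", "qwerty1234", "1111", "abc", "letmein"}
# Undo simple character swaps so that passw0rd is treated as password.
LEET = str.maketrans("013457@$", "oieastas")

def is_date(pw):
    """True if the entire password is an 8-digit date such as 25121970."""
    if not re.fullmatch(r"\d{8}", pw):
        return False
    for fmt in ("%d%m%Y", "%m%d%Y", "%Y%m%d"):
        try:
            datetime.strptime(pw, fmt)
            return True
        except ValueError:
            pass
    return False

def weak_reasons(password, personal=()):
    """Return which of the article's weak-password patterns `password` matches."""
    # `personal` is a hypothetical list of words tied to the user (pet or
    # partner names) that could be found through open sources.
    low = password.lower()
    plain = low.translate(LEET)
    reasons = []
    if low in DEFAULTS:
        reasons.append("default password")
    if len(password) < 8:
        reasons.append("under 8 characters")
    if low in COMMON or plain in COMMON:
        reasons.append("common password")
    if is_date(password):
        reasons.append("date used as entire password")
    # A single ! or ? tacked on the end as the only special character.
    specials = [c for c in password if not c.isalnum()]
    if specials in (["!"], ["?"]) and password.endswith(("!", "?")):
        reasons.append("lone ! or ? at the end")
    if any(w and (w.lower() in low or w.lower() in plain) for w in personal):
        reasons.append("contains personal information")
    return reasons

if __name__ == "__main__":
    for pw in ("admin", "passw0rd", "25121970", "Rex1", "ilbas89754"):
        print(pw, weak_reasons(pw, personal=["Rex"]))
```

An empty result only means none of these specific patterns matched; it does not by itself show that a password is strong.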
The bottom line is that in order to maintain password security there should be a good balance between creativity, length, complexity and being able to remember it. Strong passwords should be random with a good mix of letters, numbers, and symbols and should contain no personal information that’s readily and easily available such as the names of partners, pets, and dates of birth. A good strong password might also include:
- Non-English characters such as Õ À or ö
- Non-dictionary words or common misspellings
- Shortening words and phrases to acronyms and adding numbers – e.g. ‘I love blogging about security’ can equate to ilbas but by adding random numbers it becomes ilbas89754
- Non-identical passwords – e.g. original passwords that you don’t have anywhere else.
In addition, it’s worth pointing out that a strong password isn’t just about the complexity of the letters, numbers, and special characters contained within. It’s also about where you store it and where you type it in. Many businesses now adopt a ‘clean desk policy’. This means that sticky notes are removed from monitors and pieces of paper aren’t kept in desk drawers. The simple reason is that they could contain written passwords that any passing person or opportunist might be able to sneak a peek at. In addition, avoid passing passwords around in email threads as they can easily fall into the wrong hands. Finally, you might want to be cautious about URL links asking you to reset your password. This may be the work of hackers.
So there you have it, everything you need to know about password security. Here at MA Security we deal with every aspect of security for your business from static guarding, key holding, and alarm monitoring, through to cyber security protection and best practices. Why not give us a call on 1300 020 406 to see just how we can help you today?