Password Security

There are many ways to prevent potential hacking which can lead to dangerous cyber-attacks. The simplest preventive option, a strong password, is alarmingly often the one people ignore.

Nearly everyone will have been taught that “a strong password should consist of letters, numbers and be a minimum of 12 characters long.” While this advice is indeed still relevant, many choose obvious, memorable names or common phrases with slight amendments, for example choosing “$” instead of an “S.”

Hackers are getting smarter; they use automated software to submit hundreds of guesses per minute to open your account. The tools use lists of dictionary words to sequentially guess the password, and some will even add common symbols, numbers or signs that you may have added to the word to make it more complex. Some cyber criminals go as far as using social media as a tool to guess your password based on your hobbies, family names and common interactions.

While this news is shocking, and you may feel the only solution is to delete all your social accounts and disappear from the world of the web altogether, this simply isn’t practical, and there are ways, found here, to ensure your password is resilient, robust and memorable.

Having one password for all your accounts is just as vulnerable to an attack as having a weak password. Think for a moment about how many systems you need a password for. To name just a few:

  • Accessing your computer
  • Email accounts (multiple)
  • Social Networks
  • Online banking
  • Accessing documents
  • Paying bills
  • Membership subscriptions

Ensuring each and every one of these passwords is secure is one factor, yet remembering them all can be pretty taxing. Advice from the National Cyber Security Centre is to keep your password for longer, as changing it too regularly often leads to weaker password choices and to the user writing it down for ease of memory. We advise changing passwords, especially those that link to sensitive data, every 6 months to stay vigilant.

Using a password manager such as KeePass allows you to manage your passwords in a secure way. All your passwords are held in one database, which is locked with one master key or a key file. You only have to remember one single master password or select the key file to unlock the whole database. Encryption using the best and most secure algorithms currently known is then used to keep your details safe and hackers away!

Multi-Factor Authentication is now more common within the workplace, especially with remote working becoming more popular. Access is only granted when the user has confirmed two or more pieces of evidence, i.e. a password and then a security code sent to the user’s phone. You may have already encountered multi-factor authentication without even realising it. ATMs, for example, use the individual’s card and PIN to authenticate, and our mobile phones have the functionality of fingerprint/face recognition along with a passcode. We wouldn’t compromise on using multi-factor for these uses, so why would we risk it for our business?


   Red cross

         Footb^ll1903

  • Common hobby
  • Easily identifiable from various sources
  • Common substitution for letters
  • Using a traceable number such as DOB (hackers don’t send birthday cards!)

         Catinthehat

  • Overused phrase
  • Easily identifiable from various sources

         My3R%tLnsv$$!

  • Too obscure for regular use
  • Are you really going to remember that?

   Green tick

        monkeyandlionrodeabike

  • A passphrase consisting of random words such as “monkey and lion rode a bike” is much more difficult to hack
  • A visual stimulus enables the phrase to be more memorable

        Mon3eyandlioNrodeab!ke

  • For Super Security you could then substitute letters with numbers or special characters; we advise a mix of 2 capital letters, a number and special character
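
The guessing behaviour described earlier (dictionary words plus common substitutions and appended numbers) can be mirrored in a sign-up check that rejects such passwords before they are ever set. This is an added example, not part of the original post; the deny-list is a small constructed sample and the function names are assumptions.

```python
import re

# Constructed sample list; a real check would load a large dictionary or breached-password list.
DENYLIST = {"football", "password", "catinthehat", "letmein", "qwerty"}

# Look-alike substitutions that guessing tools undo automatically
# (the article's "$" for "S" and "^" for "a" are among them).
SUBSTITUTIONS = str.maketrans({"$": "s", "5": "s", "^": "a", "@": "a", "4": "a",
                               "3": "e", "0": "o", "1": "l", "!": "i"})

MIN_LENGTH = 12  # minimum length quoted in the article


def normalise(password: str) -> str:
    """Reduce a password to the base word a dictionary-based guesser would start from."""
    core = password.lower()
    # Drop digits/symbols padded onto either end, e.g. the "1903" in "Footb^ll1903".
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", core)
    return core.translate(SUBSTITUTIONS)


def check_password(password: str) -> list[str]:
    """Return the reasons to reject a candidate password (empty list = accepted)."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too short")
    if normalise(password) in DENYLIST:
        findings.append("common word or phrase")
    if re.search(r"(19|20)\d\d$", password):
        findings.append("ends in a year-like number")
    return findings


if __name__ == "__main__":
    for candidate in ["Footb^ll1903", "Catinthehat",
                      "monkeyandlionrodeabike", "Mon3eyandlioNrodeab!ke"]:
        print(candidate, "->", check_password(candidate) or "accepted")
```

The check cannot judge memorability, so a string such as My3R%tLnsv$$! is accepted even though the article advises against it for regular use.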

 
