Have you ever wondered how to create a strong password? Or roughly how long it takes for a hacker to crack your passwords? Many websites will ask you for a minimum of eight characters, with three of four of the following:
- uppercase
- lowercase
- numbers
- special characters
Once you create this password, it will advise you that the password is “strong” – but it isn’t.
Cybersecurity professionals have conducted studies showing how quickly a hacker can brute-force* a password, with eight characters and three of the four complexity requirements listed below. The attack algorithm usually cracks the password in around seven minutes.
A strong password is the primary line of defence against any cybersecurity risk and helps prevent unwanted logins against brute-force attempts. You’re probably wondering, “Well then, what constitutes a strong password?” The answer is simple – the use of a passphrase.
What is a passphrase
A passphrase is a series of three to four words which are themselves capitalized, contain symbols to break up the spacing, and can potentially be bookended by numbers.
These random words could be ones you can visualise in your mind, or even your favourite movie characters.
Let’s create an example of a passphrase:
- Select three to four random words: orange eagle flying car
- Add some complexity using capital characters: Orange Eagle Flying Car
- Add a little more with a special character in between: Orange-Eagle-Flying-Car
All done! And it’s a password that contains 23 characters!
When creating passwords, it is recommended to never reuse passwords across any platform, especially for critical services such as email accounts, banking, and the ATO.
How to make it easier to remember passwords
To make sure there is never a reuse of passwords for any of your accounts – and so that you only ever have to remember one ‘master password’ – utilise a password manager.
Password managers provide you the ability to randomly generate passwords and save them in a secure vault which is encrypted.
Most password managers allow you to utilise biometrics to login from compatible devices and prefill information from websites or apps and will also allow you to do so from web browsers.
For advice on what password manager would best suit your needs, contact our Information Technology specialist, Andrew Grgic.
How to make an account even more secure
To make any account even more secure, utilise multi-factor authentication methods such as biometrics (fingerprint scanners and facial recognition), authentication apps or even text messages.
Next steps
Utilising a strong password is the first step in protecting both your private and business information from falling into the wrong hands.
Speak with your local Nexia Advisor today to discuss how Nexia’s Information Technology specialists can help better protect your online presence or if you have any questions about the items discussed in this article.
*Cracking a password by running a series of phrases in a list through various iterations and substitutions of characters, numbers, and symbols in order to find the correct password. Usually run through a script with the ability to generate thousands of attempts per second.