We strive to educate and implement the best practices for IT Security including password security.
One of the most common ways for a hacker to break into a computer is via a password. As a result, repeatedly using the same passwords or using “weak” passwords can leave you vulnerable to hackers. Hence why establishing strong password security is of the utmost importance.
Most people set passwords based on what they can remember. However strong password security focuses on what is difficult for hackers to guess. As hackers are using more sophisticated methods, the balance to create strong password security is becoming harder to achieve.
Best Practices for Password Security
The guidelines for strong password security are:
- to use a minimum length of 8 characters;
- include a mix of uppercase and lowercase letters;
- include numbers as well as special characters.
Why is this so important?
Passwords that don’t follow the above guidelines can be cracked in as little as 2 seconds. The question isn’t if your password can be cracked, but rather how long it will take to hack your password. In fact, the longer and more obscure the password is, the greater time and processing power it will take to crack it.
As mentioned earlier, today’s password cracking tools are extremely sophisticated. They run on specific criteria and speeds that can be used to gain access to a site, computer, server or anything that is password protected.
A common cracking method is known as a “Brute Force” attack. This method will systematically run on many passwords, checking all possibilities until the correct one is found.
One example of a Brute Force type is a dictionary attack. It will try all words in the dictionary and then start adding on numbers and special characters. Other attacks will run on commonly used passwords and paraphrases or combinations of letters and numbers.
Do’s and Don’ts when creating passwords:
- Do not reuse passwords – if one account gets hacked, it is very likely the others will too.
- Avoid using personal information – names, date of birth etc.
- Follow the guidelines. The most commonly hacked accounts are passwords that consist of lowercase letters alone.
- Avoid vocabulary words. Fruit, Colours, Cars, Countries etc.
- The 8-character guideline is a minimum length recommendation, not maximum.
- Remember, the more obscure, the safer you are. An illogical password such as: ‘_Wireless flamingo’ can take more than a trillion Years to crack. Simply adding a space or a special character at the beginning of the password can substantially extend the cracking time.
- Using leetspeak (replacing letters with numbers) on a dictionary word doesn’t make your [email protected] secure, just slightly longer to crack.
- Use paraphrases. ‘The blue ancient’ or ‘footballoceandog’ is far more secure than ‘E22prJAv%’ and much easier to remember.
- Please don’t store the document with all your passwords on your computer or save them in your Gmail account.
Most alarming, is that it only takes one stolen password to cause widespread damage. Furthermore, it can result in a data or financial breach to yourself, your contacts or your organisation.
If you are a business that requires further assistance with IT Security, contact us for a chat today.
IT Security Sydney
Techstream Solutions are Sydney IT consultants located in the business district of Frenchs Forest on the Northern Beaches. We are proud of our reputation for providing a bespoke IT support service to our clients. With a dedicated computer support help desk and easy ticket management system, our highly experience consultants and engineers are readily available to provide effective ITC support assistance. After all, we understand that downtime can be stressful and frustrating. We aim to ensure your workplace environment is running at maximum efficiency and any ITC issues are resolved swiftly by our support team. Our experts can attend to all your business computer support requirements including managed IT, cloud services, backup and recovery, and cryptolocker decryption security. Our IT consultants can manage every aspect of your ITC infrastructure projects and upgrades.