Do you use the same password on multiple accounts online? If so, perhaps it is time to make some changes as soon as possible before a hacker gets their hands on all of your private information. Read on to find out how to generate tough, unbreakable passwords.
Why are passwords important?
Passwords, in the context of information technology, have been in use since around the `1960s. Nowadays, we are required to create and remember passwords for everything from your bank account to your social media accounts.
You can think of them as your own personal digital keys and an important way of keeping your digital information safe, secure, and private. Cybercriminals constantly attempt to get access to your social networking or email accounts, they are usually after the financial benefits of getting access to your bank account.
Of all of your passwords, you can think of those used for your email account or social media accounts as the most critical to keep strong and private. If someone was able to get into your email accounts, it could allow access to many of your other online accounts by using the "forgot your password?" function available on most sites.
Cybercriminals also love to get access to your social media accounts, as this allows them to attempt to scam your friends by sending them less than honest links or fake messages asking for money.
While you could have previously gotten away with using a short word or phrase of six to eight characters long, passwords need to be harder to predict today.
How can hackers crack your password?
Cybercriminals are able to crack your password in various ways outside of simply trying to get your to disclose it through phishing or spyware. One favored method is to simply attempt to guess what it might be using personal information gained from your security questions.
For this reason, it is very important you do not include personal information of any kind as part of your password. While it may make the password easier to remember, it can also make it that much simpler for hackers to crack it.
Another method is through the use of a password cracker. These use brute force to crack passwords by trying multiple combinations of characters over and over again until it gets the right combination.
This is the reason that your passwords should be as long as possible, and use a combination of numbers, letters, and other characters. The longer and more complex a password is, the less likely a password cracker will be successful, as it will take a very long time for it to work.
If your password is longer and more complex, hackers will tend to use another method, called a dictionary attack. This is a simple list of words or phrases commonly used as passwords.
For this reason, it is best to choose either a random combination of letters, numbers, and characters, rather than actual words.
In fact, a Reddit user recently posted an interesting graphic on just this subject. Gathering information from the password strength analysis site howsecureismypassword.net (now security.org), the importance of longer and more complex passwords is really hammered home.
As you can, the "sweet spot" for the best passwords is colored in green. Less strong passwords types are colored yellow, and the weakest of all purple.
What is interesting to see, is that even with a mixture of numbers, upper and lowercase letters, and symbols can still be cracked very quickly if less than 7 or 8 characters long.
So, take heed!
Another way hackers break your passwords is through unsecured Wi-Fi networks. Networks that require no password needed to access allow hackers to easily gain access to your computer. If you have to use an open Wi-Fi network, make sure you have a VPN running.
Another common way cyber-criminals get hold of your data is through exploiting unsecured websites. Through these sites, hackers can use something called a man-in-the-middle (MIM) attack. For this reason, you should always check the top left of a website's address to make sure it has a padlock symbol.
Hackers also create malware programs that are able to extract your passwords without your permission. The most common source of malware is non-familiar applications that you download off the net. If you really need to use these kinds of programs, you might want to consider using something called "Sandbox".
This program effectively forces the site to run in a protected environment and only allows basic resources to be used. It also restricts their permissions to access things like your computer files, etc.
Yet another approach is to extract your security details when linking things from sites like Facebook to other sites. Try not to link to untrusted sites, particularly if you are ever requested to do so.
If you use Windows, make sure you keep your operating system up to date. Also, try to move away from Windows XP, as it has a high risk of being hacked, especially after its source code was reportedly published.
Hackers also attempt to get your private information using suspicious email attachments. By using SMTP header injection, hackers can insert malicious viruses, spam, and phishing websites onto your computer.
Yet another way cybercriminals attempt to grab your security details in by exploiting cloud servers using Distributed Denial of Service (DDOS), otherwise known as a "man-in-the-cloud" attack. To prevent these kinds of security breaches, it always advisable to back up your data to an external storage device.
Are longer and more complex passwords better?
In short, yes, but that doesn't necessarily mean they cannot be broken. It just means it takes a considerably larger amount of time to crack one that is fifteen characters long as opposed to five characters
In October of 2019, a new record was set for a computer attempting to generate every conceivable password. It did this by making somewhere in the order of 100,000,000,000 attempts per second.
Most hackers rely heavily on computing power to perform brute force attacks. This method attempts to simply bombard systems with as many password generations as possible.
Some cloud-based systems are able to crack an 8-character password in less than 12 minutes for a cost of just $25. This is important, because most passwords are used to protect sensitive information, providing cybercriminals all the motivation they need to attempt such an endeavor.
Successful hackers can also make a nice living by selling cracked or stolen login details through online markets like Empire Market.
How do you generate an unhackable password?
Give the importance of strong and secure passwords, you may wonder what the best practice might be to create one? According to various cybersecurity professionals, like Norton, there is a series of do's and don'ts when choosing a password.
For example, it is recommended that you use Two-Factor Authentication (2FA) whenever you can. This security method adds an extra layer of safety for your account and makes it that much harder for hackers to break in.
When using 2FA, you can choose two or three types of identification:-
- Another password or PIN
- Using some information from a tangible item like the last digits of your credit card or a code that is sent your mobile device
- A physical part of you like your fingerprint or voice
As previously mentioned, always make sure that you use both upper and lower case letters, as well as symbols and numbers. Ensure your password is at least eight characters long, and the longer and more complex the better.
Obviously. make sure you never use commonly used passwords like 123456, "password", "qwerty", 11111 or a complete word like "monkey". This is to prevent the aforementioned dictionary attacks from being successful.
If you are dead set on using an actual word, try to intentionally misspell it or replace some letters with numbers. Also make sure it is not a derivative of your name, a family member's name, or your pet's name. Also never use phone numbers, addresses, birthdays, or Social Security Numbers.
Another good piece of advice is to never use the same password across multiple websites and accounts. Many cybersecurity packages come with password managers if you have trouble remembering them. You should also never write down your passwords or share them. You should also get into the habit of regularly changing your passwords. Some sites will force you to do this periodically.
It is also advisable that you never actually agree to your password being saved by internet browsers. While very convenient, it can leave your details vulnerable.
This might all sound like a lot of things to juggle, but the cost can be very real if hackers get access to accounts.
What is the best online password generator for creating tough passwords?
Some of the best password generators out there are as follows:
1. Dashlane is a very good password generator
Dashlane is widely considered one of the best password management programs around. It offers a very secure online and in-app password generator that allows you to specify the length and character types used.
Passwords can be generated from between 4 and 40 characters, and you are asked if you want to include numbers, letters, symbols, and any combination of them. Like most password generators, it will also give a visual scale to determine its strength, green for strong, red for weak, etc.
Dashlane also offers the ability to store multiple passwords in one place too.
2. KeePass is a great service for generating your own tough password
A free and open-source password generator, KeePass is another powerful solution for your secure password needs. Its password generator forms part of its larger password management program.
KeePass is not the easiest system to use as it can be a little tricky to install and setup, but once complete, it offers one of the best ways to generate new passwords.
Passwords can be generated using standard random compositions as well as setting your own preferred generation rules. You can select, for example, always include upper and lower case letters, numbers, special characters, etc.
3. LastPass helps you generate some very strong passwords
LastPass is yet another powerful password generating service. It is 100% free to use and comes with a nice selection of additional features.
You can use both online through their website and also by using their very handy app too. Like others listed here, you can set the length of the password you want, and how complex you want them.
Along with this powerful password generator, LastPass also offers one of the very best password managers around.
4. Strong Password Generator does exactly what it does on the tin
Yet another powerful password generating software is the aptly named Strong Password Generator. A simple, yet powerful online tool, it is designed from the ground up to create near-unbreakable passwords with just one click.
Any and all passwords are stored locally on your computer and are never stored online or on the program's servers. Like others mentioned here, you can define your own rules for creating passwords and there is no limit to the length of passwords created.
Each new password can be generated to include a mixture of alphanumeric characters and, of course, special characters too. New passwords are also provided their own unique QR code so you can safely transfer them to mobile devices like your phone.
5. NordPass is another great password generator
And finally, NordPass is also a great choice of password generator for your cybersecurity needs. You can use it online or through its own app, and it allows you to quickly create new passwords with ease.
The software allows you to generate passwords up to 60 characters in length, which can also include upper and lower case letters, digits, symbols, or any combination of them. With the generator, you can also exclude ambiguous characters like the number `1 that could be easily confused with some letters.
The application is also great and allows you to save your new password immediately. NordPass' basic version is also free to use.
And that's a wrap.
Given the very real risk of leaving yourself exposed to nefarious agents online, it is probably time you upgraded your catalog of passwords ASAP. The extra time taken will really save you dividends in the long run.