The SECRET TO a Good PASSWORD

One of the ways hackers and criminals gain access to websites and email accounts is through weak passwords. The number of brute-force attacks we see aimed at both is large. A brute-force attack is when software, often running on multiple infected computers, continually attempts to guess the password of the target site or account. Some attacks use random characters, many use dictionary attacks and commonly used or known passwords. What is concerning is that even though there is a great deal of publicity and education on the need for strong passwords, many of the security breaches we see are from people continuing to opt for weak passwords because they are easy to remember.

Because hackers often have access to so many infected computers, the resources at their fingertips is vast. This gives them the ability to run a huge number of password combinations and attempts until an account is compromised. A website or email password can allow them to take control and do many things, including sending out spam that may get your mail server blacklisted on the net, or launch denial of server attacks on other websites. They can also steal other passwords and logins for your important online accounts or steal sensitive customer records and credit card details.

We all know that good passwords are long and difficult to memorise. People tend to write them down, or forget. It's important not to use full words or names, particularly ones that might be in a dictionary or lists of common names or words. Examples of some common passwords are 12345, qwerty, abc123 and even password! I love to joke that my password is "incorrect" as when I type a password in wrong it reminds me "Your password is incorrect"!

So how do you make a good password that is easier to remember? The trick is one of association. By taking items or events strong in your memory you can have a better chance of remembering. Let's say you took an amazing trip to Switzerland and Sweden in 2017. From that important and memorable event, we can take parts of those 3 things to build a password. Perhaps we could use Switz and the numbers 17 and Swed to build Switz17Swed. We might even like to use additional capitals, so the start and end of each partial word is in Caps, eg. SwitZ17SweD. You could also use a $ sign to remind you it cost a lot of money for the trip or some other symbol that you like. So now we have SwitZ17SweD$ as our password. It meets many of the criteria for a good password, long, a mix of upper and lowercase, includes numbers and non-alpha-numeric characters, isn't in the dictionary or a name and yet you can remember it by simply thinking of that trip. Another advantage is you could even write down a prompt word like "holiday" to remind you this is the password you used for this account and it wouldn't compromise it at all.

Weak passwords can expose you to great risk, but by making a memorable strong password you can keep your personal information, banking, email or website safe without the pain of forgetting or having to write it down.

One last point, don't tell people your passwords, they are meant to be secret.

 

To see the other articles visit www.awe.net.au/articles