When it comes to securing your accounts for the various websites and apps you use, your password is your first line of defense. The use of weak passwords is a major contributor to cybercrime, which is becoming more prevalent.
Cybercrime victims have lost their lifetime savings, spent hours registering for new accounts, and had their credit destroyed by cybercriminals. Data breaches are mainly the result of compromised, weak, and reused passwords, according to the 2019 Verizon Data Breach Investigations report.
You shouldn’t let this happen to you. Since the amount and sophistication of hacking activity has been steadily increasing for years, it is absolutely crucial to start taking your online security more seriously than ever.
Digital security depends on your password. This is how you authenticate yourself. Sometimes, your password is the only thing stopping cybercriminals from stealing your information. However, the majority of us do not take passwords that seriously.
To a certain extent, it is understandable because most people don’t think of themselves as potential targets of cybercrime. However, once you realize that anyone can be a target, you’ll see why passwords are important.
Here are some scary hacking statistics:
- There is a hacker attack every 39 seconds. (Source: Security magazine)
- Cybercrime is more profitable than the global illegal drug trade. (Source: Cybersecurity Ventures)
- Hackers steal 75 records every second. (Source: Breach Level Index)
- You can purchase a consumer account for $1 on the dark market. (Source: RSA)
- 80% of hackers say “humans are the most responsible for security breaches”. (Source: Thycotic.com)
- Hackers are the average American’s biggest fear. (Source: Statista)
- More than 6,000 online criminal marketplaces sell ransomware products and services. (Source: McAfee)
- There will be 3.5 million cybersecurity job openings in 2021. (Source: Cybersecurity Ventures)
- Bank transfer scams cost customers £1 million a day. (Source: DailyMail.co.uk)
Passwords that are strong and secure can protect your online accounts from attacks, but they do not need to be difficult to remember. Our goal in this guide is to help you create passwords that are not only secure and uncrackable, but also easy to remember.
Let’s jump right in!
How Hackers Crack Passwords
There are two main methods that attackers generally use to try to crack passwords:
1. Brute force attack
Using an uncommon word or phrase is not enough to create a secure password. Even if your password is difficult to guess, it may still be vulnerable to a brute force attack. In a brute force attack, the attacker uses special computer programs that systematically attempt every combination of symbols, numbers, and letters to guess your login details.
Hackers are often imagined sitting in front of a laptop, guessing passwords by hand. This isn’t the case. Hackers have several ways of cracking passwords. The first is to use automated software that can crunch billions of numbers per second. In general, passwords with fewer than 12 characters are susceptible to cracking. Hackers automate these specialized programs to guess millions of passwords every second until they discover the correct login credentials. In general, hackers can guess passwords at a rate of 350 billion guesses per second using these tools.
2. Dictionary attack
With a dictionary attack, the hacker tries an ordered list of words such as you would find in a dictionary. This means if your password is an ordinary word that can be found in a dictionary, it will be cracked with ease.
Here are the top 25 most commonly used passwords primarily from North American and Western European users in 2020. Each of these passwords can be cracked in seconds. The most popular password in 2019 was 12345, followed by 123456, and 123456789.
Do you recognize YOUR password in this list?
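Both attacks above can be turned into a quick self-check, shown here as an added example (not part of the original article): it looks a candidate up in a small constructed wordlist, then estimates the worst-case exhaustive search time at the 350 billion guesses per second quoted above. The function names and sample candidates are assumptions made for illustration.

```python
import math
import string

GUESSES_PER_SECOND = 350e9   # guessing rate quoted in the article
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Constructed stand-in for an attacker's wordlist: the three passwords the
# article names plus a few ordinary words. Real lists hold millions of entries.
WORDLIST = {"12345", "123456", "123456789", "password", "sunshine", "dragon"}

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest alphabet a brute-force run must cover."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Spaces and other characters outside the four classes count one each.
    size += len({c for c in password if not any(c in cls for cls in CLASSES)})
    return size

def audit(password):
    """Return (weakest_attack, worst_case_seconds) for a candidate password."""
    if not password or password.lower() in WORDLIST:
        return "dictionary", 0.0          # found without any brute forcing
    bits = len(password) * math.log2(alphabet_size(password))
    # Exhaustive-search bound only: it overstates the strength of passwords
    # built from predictable words or patterns.
    seconds = math.inf if bits > 1000 else 2 ** bits / GUESSES_PER_SECOND
    return "brute force", seconds

if __name__ == "__main__":
    # Constructed candidates: a listed password, 8 lowercase letters,
    # 12 mixed characters, and a long first-letter password.
    for candidate in ("123456", "qmzplwox", "kT7#pQ2!vXz9", "MFSIBIOTBBTJ.IWRI1978."):
        attack, seconds = audit(candidate)
        print(f"{candidate!r:28} {attack:12} {seconds / SECONDS_PER_YEAR:.3g} years")
```
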
The most effective password methods (and password examples)
We have learned that the shorter and more common a password, the easier it will be to crack it using brute force attacks. If possible, you should choose a password that consists of a random string of letters, numbers, and special characters that means nothing and is never easily guessed.
However, it is unlikely that you would be able to remember such a password for one account without a photographic memory. As you can imagine, this would be impossible if you had to do this for multiple accounts.
To create a password that is uncrackable and easy to remember, you can use certain techniques. If you follow these helpful tips, you won’t have to worry about losing the key to your online kingdom.
The Passphrase Method
In simple terms, a passphrase is a combination of words. It tends to be longer than standard passwords, but it’s easy to keep in mind and far more difficult to crack with brute force. A password with more characters is harder to crack, as we’ve seen already. Passwords are typically 8 – 16 characters long, whereas passphrases can be up to 100 characters long.
Consequently, using a long passphrase instead of a traditional password is an easy, powerful, and effective way to create a strong and complex password and protect your online information.
The Bruce Schneier Method
This is also known as the sentence method. To create your passphrase using this technique, start by picking a long, random phrase from pop culture such as the favourite lyrics from a song or a favourite line from a movie or book.
The idea is to come up with a random sentence and transform it into a powerful password using a rule, such as taking the first character of each word in the phrase.
For example, if your favourite song is Blame it on the boogie by The Jacksons, your passphrase could be “MY FAVOURITE SONG IS BLAME IT ON THE BOOGIE BY THE JACKSONS. IT WAS RELEASED IN 1978”. Based on the above technique, this is what your password could look like:
As you can see, this is a long and complex password that doesn’t make sense to anyone but you. You can easily memorize it, and you don’t even have to write it down to .
When you create a new password, get into the habit of checking how secure it is by using the website How Secure Is My Password.
As you can see, the above password will take millions of years to crack. This means it is virtually uncrackable, yet very easy to remember.
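The first-letter rule, applied to the sentence from this section, as an added example (not the article's own code). It assumes a closing full stop on the sentence and joins the two parts into one string; the function names and the short second sentence are constructed for illustration.

```python
import re
import string

MIN_LENGTH = 12  # the article's threshold: shorter passwords are susceptible

SENTENCE = ("MY FAVOURITE SONG IS BLAME IT ON THE BOOGIE BY THE JACKSONS. "
            "IT WAS RELEASED IN 1978.")

def sentence_to_password(sentence):
    """Keep the first character of each word; keep numbers and punctuation whole."""
    tokens = re.findall(r"[A-Za-z][A-Za-z']*|\d+|[.!?,;:]", sentence)
    return "".join(t[0] if t[0].isalpha() else t for t in tokens)

def problems(password):
    """List the ways a derived password falls short of the article's advice."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append(f"only {len(password)} characters, fewer than {MIN_LENGTH}")
    classes = (string.ascii_letters, string.digits, string.punctuation)
    if sum(any(c in cls for c in password) for cls in classes) < 3:
        found.append("missing letters, numbers or special characters")
    return found

if __name__ == "__main__":
    # The article's sentence, then a constructed sentence that is too short.
    for text in (SENTENCE, "I love pizza."):
        password = sentence_to_password(text)
        print(password, problems(password) or "ok")
```
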
How can I create a unique password for each website?
It will be challenging and time consuming to create a unique passphrase for each online account, especially if you have over 100 accounts like the average user. However, you can fix this problem simply by creating a master password based on a passphrase and then adding the name of each website to the end of your password. So, if your password is “MFSIBIOTBBTJ.” “IWRI1978.”, your Facebook password could be “MFSIBIOTBBTJ.” “IWRI1978.”Facebook. Your Twitter password could be “MFSIBIOTBBTJ.” “IWRI1978.”Twitter, and so on. This ensures that you have a unique and complex password for each online account, based on a single master password.
Using a Password Manager
Another way of ensuring that you have a unique and complex password for each online account is by using a password manager. A password manager is a software application that generates secure passwords for you and then stores them in a secure, encrypted database known as a vault. Then, as you visit your favourite websites, you can retrieve those passwords with the option of having them auto filled in your browser. So, you get all of the benefits of secure and complex passwords without actually having to remember any of them.
The Master Password
When you sign up to use a password manager, you will be prompted to create a master password. This is the only password you will have to remember. The master password protects all of your passwords, so it is crucial that you come up with a long and complex password that is based on the above technique.