Did you ever wonder just how hackers gain access to user accounts? One way of “breaking in” is through guessing a user’s password. Creating a strong password goes beyond coming up with something that your friends or family won’t guess. Creating a strong password keeps hackers (typically people with criminal intentions) from gaining access to your email, contact lists, financial records, bank accounts and anything else on your computer.
Techniques for Stealing Passwords
Hackers can easily find information online about you: names of you, your family and friends as well as birthdates, pet names, favorite activities, names of your street and city, even where you went to grade school. Armed with this information, they use automated programs to search possible words, including words spelled backwards.
Another common method is a dictionary-based attack: hackers obtain your “username” which is commonly displayed on many sites you may frequent, such as social media and merchant pages. Then, your username is combined with every word in the dictionary, in hopes of coming up with a match. In the “brute-force” type of attack, the hacker will start with your username, and employ a program which tries every possible combination of keystrokes, hoping to come up with a match.
Guidelines for Strong Passwords
- In general, a strong password should be as random as possible since actual words are easiest to guess.
- Minimum length should be 12 to 14 characters. This makes it more time-consuming to guess.
- Use a combination of upper/lower case letters, numbers, special characters and punctuation marks.
Examples of Weak Passwords: Avoid Using the Following as Passwords
- Repetition, such as hellohellohello
- Dictionary words
- Letter/number sequences, such as 1234 or ABCD
- Usernames, even if characters are added after it
- Names of relatives/pets/friends/schools/favorites
- Biographical information, such as birth dates, ancestor names, graduation dates/schools
- The same password for multiple sites/purposes, since once it is guessed, the hacker has access to everything you have protected with that password
The short time it takes for you to change your passwords to strong ones may save you a ton of time trying to recover from a hacker infiltrating.