Password security has elicited blank expressions in scores of business meetings, but what do you know about it? Can you recall the characteristics of a strong password? With this insightful listicle, we aim to unfurl the mystery of the secure password, ward off cyber threats and instil good password and security practices.
Did you know that any windows NTLM password of nine characters or less can be cracked in less than one minute? Alarming as that may seem, we’re here to help. Follow our simple guide and prevent password breaches and reduce cyber risks in ‘Unlocking the Secret to Password Security’.
Password Security: The Guidelines
There is a simple formula for choosing the right word and letter combination for a secure password. Here are the five guidelines for a secure core password:
1. Choose three words at random:
- 1: Mountain
- 2: Lamp
- 3: Hedge
- Symbol: _
- Number: 8
- Resulting password: Mountaina_mphedge8
Now you have a secure core password.
Following this method gives you a long password in plain English, a password able to avoid brute-force password attacks and prevent a dictionary attack. Here are a few quick definitions of this type of attack in cyber security:
Brute-force Password Attack
A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your website requires user authentication, you are a good target for a brute-force attack. (OWASP)
Dictionary Password Attack
A dictionary attack is a brute-force technique where attackers run through common words and phrases, such as those from a dictionary, to guess passwords. (CSO)
After picking your core password: Mountaina_mphedge8; use it as a springboard for your other accounts. To clarify, use Mountaina_mphedge8 followed by an acronym, for example, Mountaina_mphedge8fac will be the password for your Facebook account or Mountaina_mphedge8lin for LinkedIn.
If you would like more information regarding cybersecurity protection read our article 10 ways to prevent a cyber attack
2. The Don’ts of Password Security
Remember to avoid using personal information like names/company names, birthdays, addresses, hobbies etc. In the event of a cyberattack, a hacker may use a bot to scan your existing social profiles. In addition, they can scan your friend’s profiles, and scour your employer’s website for keywords to aid unauthorised access. Here’s a hypothetical scenario, your friend Joe is at your 40th birthday party and has innocently snapped a picture of you cutting the cake. A hacker deploys their bot to scan your profile, and as a result, discovers the 40th birthday party post. Now, they have your date of birth. Moreover, they can discover whether that is a component in your password and gain unauthorised access.
In addition to password security, further strategy is needed and we have some insights that you may benefit from. Read Kickstart your Cybersecurity Strategy to get an all-encompassing security solution
3. Password Security: The P!tf@lls of L33t $pe@k
There is quite an amount of misinformation about how to choose a safe password. Due to its usage by the technology community, some assumed ‘Leet Speak’ was secure but this isn’t true. Firstly, ‘Leet Speak’ refers to the substitution of letters for numbers/symbols in a password. For example, Leet Speek becomes L33t $p££k. This was initiated by hackers in the 1980s for covert communications but is an easily predicted password choice.
Leet speak, also known as hackspeak or simply leet is the substitution of a word’s letters with numbers or special characters. “Leet” is derived from the word “elite,” which refers to the hackers who originally turned leet speak into a sort of cult language in the 1980s. (Global Reach)
4. No Password Sharing with Co-workers
Let’s face it, sometimes sharing a password with a colleague can save time and effort. There is nothing more frustrating than being close to finishing off a project and suddenly having an access issue so what’s the harm?
Password sharing or weak password creation is responsible for eight out of ten security breaches, according to a report by Verizon. In addition, if a hacker were to gain entry, a shared password can have disastrous implications for database protection. What was an isolated incident can turn into a series of cybersecurity attracts and subsequently, leave your company open to GDPR breaches and complications.
5. Password Security: Avoiding a Network Attack
According to the Boston-based cybersecurity business Cynet, weak or stolen passwords are one of the main causes of network breaches. Other common network threats come in the form of a lack of protection from social engineering, insider threats and previously compromised accounts.
Leaf has cybersecurity expertise forged over years of problem-solving and creating robust solutions for our clients. For more information, read our staff profile for our cybersecurity expert Justin Archer.
From core passwords to the pitfalls of ‘leet speak’, we’ve covered the ins and outs of password security. Consequently, you can now create a secure core password, banish any password-sharing and protect your network. It’s important to remember that password security is just a stepping stone to better security practices. In today’s connected world, it is paramount for businesses of all sizes to seek security solutions to protect themselves and their customers.
If you’re seeking an unrivalled IT service, fill in the form below and contact one of our experts. We have decades of experience and an acute knowledge of the products we service, we are Leaf, a result-driven service for the modern business.