The Problem
When working to secure our data we often overlook the most obvious of vulnerabilities, our passwords! We make our passwords easy for us to remember and in doing so they’re easier to break. First things first, a randomized 8 digit password is very strong. It’s made even stronger when providers require our passwords to have at least one uppercase letter, one lowercase letter, one special character, and one number. That process will generate 18,170,005,425,000 different passwords. If you were able to try 100 passwords a second, it would take you over 5,000 years to attempt every password! Surely, a randomized password would be almost impenetrable, right? Therein lies the problem, our passwords are not random. We compromise our passwords when we create them.
The characters we choose that compose our passwords are often words or numbers that have significance to us. For example, many numbers are often birth years, or just the number 1. Sometimes, it’s easier just to use a sequence of numbers like 123. By making the password relevant to us and easier to remember, we have made it easier to crack. In 2016 the 25 most common passwords made up about half of all passwords.
The Solution
Passwords are inconvenient. We’re supposed to have long, complex passwords and store them in our heads. To complicate our lives even further, we’re not supposed to duplicate our passwords for any site. While this may be ideal it’s also entirely impractical. The best way to maneuver through this seemingly impossible dilemma is to use a password manager. LastPass and Dashlane are both excellent choices that provide users with the security of having a complex password without the vulnerability of writing it down or the inconvenience of forgetting passwords.
Take a moment to consider how many passwords you have. Do you use the same password for different accounts? Do any of your passwords contain numeric sequences? Are you vulnerable?
Sources:
https://keepersecurity.com/public/Most-Common-Passwords-of-2016-Keeper-Security-Study.pdf