1-Fix Limited

Are you walking a password tightrope?

It’s a scary thought, but researchers have found that 10,000 of the most common passwords can crack more than 98 per cent of six million user accounts. If you or your family use any of the following top five passwords there is no doubt about it – your on-line security is at risk …

  • 123456
  • password
  • 12345678
  • lifehack
  • qwerty

No matter how often we are told to make passwords inscrutable, we ignore the warning. It’s like standing aside at the ATM, allowing the queue behind to see your PIN and then leaving your card behind.

The problem is that practically everything we do on-line requires a password or a PIN – so we make it easy for ourselves by using memorable words or the same one for every occasion.

Best practice dictates that if we’re setting our passwords manually we should use long ones and vary them for each site that asks us to create one.

Most sites suggest a minimum of six characters, but the longer the better, because every extra character increases the number of possible combinations and makes the password harder for others to crack.

A combination of letters and numbers, for example, improves things immensely, while special characters such as %, *, & and _ will make it even better.

If you want to use phrases that you can remember – such as the first street where you lived or the make and model of your first car – disguise some of the letters with numbers or symbols. Possible swaps are A – 4; B – 3; I – ! and O – 0.

So if you lived at number 59 Step Street and you wanted to use that as a password you could turn that into S9_5tEp_5tr33+

Or if your first car was a VW Golf bought in 2002 turn it into VWG0!f2o0Z

There are also programs available – such as LastPass and RoboForm – that will randomly generate a different password for each site you visit and then remember it. The password is entered automatically when you visit the site and is represented by dots or asterisks, so it is not legible to anyone looking at your screen while you log on.

Whichever route you take – manual or automatic – make sure you and the rest of your team steer clear of those obvious top 5.
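As an added illustration (not part of the original post, and not code from LastPass or RoboForm), the Python below screens a candidate password against the advice above: the top five list, the six-character minimum, one password per site, and the letter swaps, which are undone before the list is checked. The function names and the `used_elsewhere` parameter are assumptions made for this example.

```python
import math
import string

# The five passwords listed in the post; a real check would load a far longer list.
TOP_FIVE = {"123456", "password", "12345678", "lifehack", "qwerty"}
MIN_LENGTH = 6  # the minimum most sites suggest, per the post

# Swaps from the post, reversed: A-4, I-!, O-0 from its list and E-3, S-5, T-+
# from its "S9_5tEp_5tr33+" example. B-3 is left out because 3 can only map back
# to one letter here (assumption made for this example).
UNDISGUISE = str.maketrans("4!035+", "aioest")


def keyspace_bits(password):
    """Upper bound on guessing effort in bits: length * log2(alphabet size).

    Only meaningful for randomly chosen characters; a disguised word or phrase
    is weaker than this figure suggests.
    """
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    pool = sum(len(cls) for cls in classes if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0


def review(password, used_elsewhere=()):
    """Return a list of problems; an empty list means these checks passed."""
    problems = []
    lowered = password.lower()
    if lowered in TOP_FIVE:
        problems.append("on the common-password list")
    elif lowered.translate(UNDISGUISE) in TOP_FIVE:
        problems.append("common password with character swaps")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than six characters")
    if password in used_elsewhere:
        problems.append("already used on another site")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs; the last two are the post's own examples.
    for candidate in ["qwerty", "P4ssw0rd", "12345", "S9_5tEp_5tr33+", "VWG0!f2o0Z"]:
        print(f"{candidate:16} {keyspace_bits(candidate):5.1f} bits  {review(candidate)}")
```

A swapped version of a top five password is still flagged, because the swaps are easy to reverse; the disguise adds most when the underlying phrase is not itself a common password.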

And don’t broadcast the passwords to anyone. We remember watching a presentation on DVD and one of the people being interviewed shared her favourite song of all time, casually adding: ‘I use that as my password for everything.’

Unbelievably, nobody thought to re-record that part of the presentation, and nobody thought to edit the comment out.

We suspect the person in question changed her passwords before the DVD was distributed. You’d like to think so.

 
