Improving Password Security
First Step to Password Security
In this age of computing where a fairly standard computer can hash and attempt over 100 billion hashes per second,following good password practices is an absolutely necessary first step to improving security and reducing the risk of attacks and account leaks.
Follow these two simple rules to improve password security significantly and reduce the chance of any of your accounts (personal, professional, or sensitive) being targeted and breached.
Never use the same password
Never use the same password, especially, if they use the same email address/username. Even making slight variations of a single password does not help much in this scenario.
If the exact credentials don't work, common variations of the password will be attempted. So, if there is a password potatoes associated with a username john@email.com, they might try to log in using those credentials, and other passwords like potatoes1, potatoes!, potatoes123, and so on.
Generate secure passwords
A lot of times, we try to create passwords that are easy to memorize. To do that, we use common dictionary words, and don't include many numbers or symbols. Sadly, this makes it easier for brute-force algorithms to guess your passwords. Many of these algorithms usually try common passwords, followed by popular names and words, and then dictionary words.
You can see how long it will take a password-cracking computer to guess a password using a website like http://howsecureismypassword.net. Even though this website claims it is in "offline-mode", please do not enter any of your real passwords.
Solution: Use a password manager
Sadly, if we try to use good, unique passwords for every account, it will be impossible to remember all of them. As such, we recommend using a password manager to store your passwords.
Many web browsers and mobile devices already implement a password manager. However, we recommend third party applications and extensions such as LastPass or 1Password. You can read more on other popular password managers here.
Finally, be sure to use a good master password, and be very careful not to forget it. Now, that doesn't mean write it on a sticky note and leave it on your laptop, but one of the best ways would be to print and laminate it, and store it in a secure place or safe.
More help
These are just the first step everyone should be taking to make themselves less susceptible to online attacks, but there is always more to be done. Feel free to call or contact us for a full security evaluation, and suggestions on how to improve.