Passwords are used to authenticate you, so that your personal & financial data is protected from fraud, data theft or identity theft. Passwords help prevent unauthorised access.
However, with more and more digitisation in our personal and business life it is often easy to take short cuts when trying to manage that growing list of passwords. I did a quick count – I have 39 different personal passwords that I use from a few times a year to almost daily, and at least another 20 more. Add them up yourself – email accounts, social media, online banking, credit cards, share trading, E-Gov (Federal & NSW), ticket / entertainment sites, Uber, food ordering, telco, newspapers, memberships / sporting clubs etc.
Doing the maths about 18 months ago made me stop and think. Many of my passwords were basic, many were the same or very similar, some I hadn’t changed in years. Given I had key personal details, credit card numbers and information about my children across different sites, I suddenly went cold. Access to only a couple could open access to others or allow enough personal information to someone else to be a ‘virtual’ me – a Pandora’s box.
Luckily there are ways to increase security and minimise the risk of attack. Below are some tips – mostly business based but true for individuals as well.
Simple passwords are one of the biggest problems. Although easy to remember they are also easy to crack. Remember – your dog’s name is probably on your social media…..it’s not a secret.
An example of how long it would take to crack some passwords with a brute-force attack:

|Password|How long to crack*|Notes|
|---|---|---|
|Welcome83|8 minutes|Commonly used password|
|Chamaeleon|2 months|A dictionary word|
|Ch@m@eleon|2 months|a = @|
|Ch@m@3l3on77|31 years!!|a = @, e = 3 with numeral 77 at the end|

*Estimated timings are as of February 2018
TIP: Go to this website https://haveibeenpwned.com/Passwords and check if any of your passwords is on the list. If any of them are, make sure you change them immediately!
TIP: No password should ever be used on more than one site – there are a number of password managers that we recommend so you can keep passwords secure and varied.
TIP: Good complexity for a password:
– 8 characters minimum
– A combination of upper and lower case
– At least one number
– At least one symbol
Password changes should be active for all users, with passwords set to expire at least quarterly (monthly is best practice), with adequate password complexity.
Password phrases are a good way to remember complex passwords, using an easy-to-remember phrase of at least eight words from a favourite book, song, movie or poem (the more obscure the better).
Example: Mary had a little lamb, its fleece was white as snow
You use the first letter from each word so it becomes: Mhallifwwas
For more examples visit: http://www.hughcalc.org/pwgen.cgi
TIP: Password and password phrases shouldn’t be written down around the user’s desk (nor under the keyboard!).
Superman – the first superhero in the list.
blink182 – the first band
Michaels, Ashley’s, Andrews, Jessica’s, Charlie’s etc, need to take a good hard look at their security (or perhaps their partners)……mmm just saw the last entry on the list……that’s my name!!!
myspace1 – really….
Homelesspa…. the Grey nomad segment?
If you are concerned about your business's security, please feel free to contact Chill IT.
1300 796 246