You already know that cybercriminals hunt online accounts, including yours. They can gain access by bruteforcing or stealing the password. How to stay protected? And what NOT to do? Picture. A burglar with a set of skeleton keys in front of a door.
Let’s start with the most common errors when creating a password.
A simple word or short string of characters can be cracked either by guesswork or a dictionary attack. Accounts with passwords like 123456, password, or love2000 are practically defenseless against attacks.
If you use the name of your dog, or the birthday of your spouse, an attacker can easily glean it from a social network. Such passwords are the definition of weak.
But even a good password can turn bad if you use it for multiple accounts. If just one service is not sufficiently protected and its database leaks, cybercriminals will get hold of your username (usually an email address) and password. And they will try the same pair for other accounts too. If you use the same password elsewhere, that account will be compromised as well.
Lastly, don’t give your passwords to anyone — not even friends, family, or colleagues. They might be less vigilant than you think! You don’t want your relationship with them to suffer as a consequence.
For starters, a genuinely strong password is at least 10 characters long. But to protect your most important accounts, we recommend at least 15.
Second, a strong password is a set of characters that is either random or non-obvious to an outsider. It should include letters (upper and lower case), numbers, and special symbols. Bruteforcing such a password can take years, and cybercriminals don’t have that kind of time to play with.
Wait, you say, surely a Fort Knox password locks out not only villains, but also the account owner? Who can remember 15 random letters, numbers, and symbols for different accounts? And if I jot them down, someone will find them.
There’s a little trick here: The password should not be obvious to outsiders, but it can make perfect sense to you. For example, take the first few words of your favorite song, poem, or other text that you know off by heart, and create a password from the first letter of each word, adding a special symbol and number at the end, and at the beginning add the first letter of the name or the main color of the site for which you’re creating an account. That’s just an example. You can work out your own scheme and use it to create unique passwords for each account.
If that doesn’t appeal, use a password manager — a special program that does what its name suggests. It will create robust passwords and store them for you. You only have to remember only one master password.
So, your password is hard to guess. But some dastardly cybervillain still might try to steal it from you. We take an in-depth look at account protection in the Security course. There you can also find out about phishing and spyware, and how to protect yourself against it all. Unfortunately, your credentials can be stolen not only from you, but straight from the service itself. How to protect yourself from the consequences of such thefts is the topic of the next lesson.
Which of these passwords is the strongest?