People using the same passwords for multiple accounts is a problem. People writing passwords down or user fatigue with password management as an excuse to justify weak passwords are big issues. Simple passwords get cracked more easily, and when people reuse passwords a hack on your favorite dog food delivery service means they have a password that exposes corporate data.
When you use phrases like “brute force” and “simple attacks” it may seem that the bad guys are pretty dumb. Many of them are. They pick up the tools they find and point them in the right directions. Their only original thought is to attack someplace new.
Passwords should never be stored online. Refrain from using the same password for personal and corporate accounts. Use a passphrase on passwords for remote users. Decline the “Remember Password” prompt box of web browsers, regardless if you’re using a private or shared computer.
Basic eight-character passwords can now be cracked by consumer password recovery software in well under an hour. More experienced hackers armed with rainbow tables and other free tools can crack 14-character passwords – including alpha-numeric passwords with special characters – in less than three minutes.
After reading this quick post, you’ll know exactly how you should be approaching password security. I explain how hackers crack passwords and what an unbreakable password looks like.
So for now, at least, it appears that passwords are our best method for secure system access. But it would be wise to remember the old adage, “you’re only as secure as your weakest link”. Or perhaps your weakest password.