How Can Robert De Niro Help You Choose a Secure Password?
Written by Chris Thornton, 15 February 2017
We’ve all heard it a million times, but it bears repeating: as much as they are a pain in the ass, a strong password is the very first line of defence when it comes to your personal & business IT security. Until biometrics have become advanced enough to replace the need for passwords altogether, they are something we all have to deal with. Sorry!
Poor Password = Poor Security
In the end, no matter how many high tech solutions are put in place to combat against cyber-attacks a weak password will invariably render them pointless, and worse, a waste of money. Creating a truly strong password is far more complicated than people first think, so the result is often a simple, easy to remember and ultimately insecure password that they’ve used before on their Amazon, Facebook and online banking accounts.
Is Your Password “Complex” Enough?
Years of experience have shown me that when it comes to cyber-security, the word ‘complexity’ can be subjective. To some ‘P@ssword1’ is complex as it contains upper and lower case, a special character and a number. So you’re safe, right? Well, in reality, for a hacker, ‘P@ssword1’ is no more difficult to crack than just having ‘password’. To others, strings of randomly generated letters, numbers and special characters are complex - but remember, you’ll probably have to write it down or save it somewhere unsecure, so what’s the point?
How Not to Create a Strong Password
Don’t be fooled into thinking the only type of secure password looks something like this:
Ok, so while I do have to admit that this password is complex and it’s going to be very difficult for somebody to crack, the truth is that it’s not going to be practical for day to day use, especially when you’re having to enter it more than once just to get on with your work! In the end, you’ll end up either forgetting it altogether and requesting a new one, or, by the time you’ve memorised it you’ll be prompted to change your password and begin the whole sorry process again.
What are the Characteristics of a Strong Password?
If your password meets these four criteria, then congratulations – you’re onto a winner!
- Your password cannot be easily guessed
- Your password cannot be easily cracked
- You don’t have to write it down to remember it!
- It contains 10 or more characters
Now, Let’s Create a Strong Password!
Forget the term ‘password’ and start thinking of ‘pass-words’. Single words are at risk of being cracked by a brute force dictionary attack – where hackers try one word at a time until they hit your uninspired, one-word password and break into your system. Using a combination of multiple words or phrases to increase the overall number of characters will automatically add complexity making them much harder to crack!
Where to Start with Your Password?
Pick a phrase that means something to you. The best examples aren’t always obvious, so why not choose a song lyric or a favourite line from a film? What you pick doesn’t really matter, as long as it is memorable to you!
Password Example : you talking to me
And remember, if the system you are using requires a more complex password – such as upper & lower cases, a number or a special character - you can easily adapt yours to meet all possible requirements:
Password Example : You talkin’ 2 me?
Our examples are all random enough not to be guessed using social engineering, long enough to be safe from brute force attacks but also have complexity.
IT Security is Your Responsibility
Now that we’ve got a better understanding of what makes a strong password, I’m going to say something controversial: as an end user you are the weak link when it comes to your IT security. Don’t be that person who makes it easy for your system to be compromised, choose a strong password.
Keep it simple yet safe!
The Limitations of Your IT BackUp System
It’s hardly an earth-shattering statement, but a chain really is only as strong as its weakest link. It’s a proverb everyone is very familiar with, and it’s one I use every single day when I’m talking to businesses about their IT and the security of their infrastructure. It’s certainly something that hurtles into the conversation with great intent when I’m told that a business still uses tape drives to back up their servers….
Ethical Hacking - A Cyber Security Event
We at Shackleton thoroughly enjoy a networking event. The opportunity to meet new people, catch up with old friends, sprinkled liberally with bacon rolls or sandwiches and some high quality presentations, sees us beat a path to any door.