Scorpiones Group

How to keep your passwords safe

How to keep your passwords from being an attacker’s key to your account
The whole point of a password is to keep unauthorized people out of your accounts. But when not constructed and used properly, passwords can do just the opposite. In fact, you can think of a poor password as a key to let the wrong person in.

81% of hacking-related breaches leveraged weak, stolen, or default passwords, according to the 2017 Verizon Data Breach Investigations Report.
With numbers like that, it’s clear that the password is a problematic way to protect accounts. But as it’s currently the protection measure that’s in use across the board, it’s important to use passwords smartly. Which isn’t hard to do, it just takes a little bit of effort.

What constitutes a weak password? That would be a password that’s easy for a human to guess or an automated password cracker to crack.
Our researchers come across thousands of passwords during a penetration test. Recently, they listed several common password patterns that people often use in order to meet the complexity requirements.
Here is the list for most common patterns: RSA Key Common password patterns:
  • Uppercase first letter: Password
  • Two to four numbers at the end: Password123
  • For a special character, exclamation point at the end: Password123!
  • Mixing it up: [email protected]!
  • Month + Year: September2018
  • Car names: Porsche911
  • Seasons: Winter19, Summer!
  • Birthdates and birth years: 071191
  • Wedding dates: 20102010, 20oct2010
  • Names of children: Jonathan
  • Sports and teams: Football, Barcelona

Wow. Anyone else think they were alone in adding an exclamation point at the end to add complexity? You can probably recognize some of your password habits in this list too. A lot of persons tend to think that they are alone

In addition, shorter passwords are weaker. The shorter it is, the faster it can be cracked with an automated tool. So the longer the better – in fact, it’s better to go with a passphrase, two-factor authentication or even a pass-sentence.

Tags: Phishing Information Security TIPS Account Safety

Contact Us