How to keep your passwords from being an attacker’s key to your account The whole point of a password is to keep unauthorized people out of your accounts. But when not constructed and used properly, passwords can do just the opposite. In fact, you can think of a poor password as a key to let the wrong person in.
81% of hacking-related breaches leveraged weak, stolen, or default passwords, according to the 2017 Verizon Data Breach Investigations Report. With numbers like that, it’s clear that the password is a problematic way to protect accounts. But as it’s currently the protection measure that’s in use across the board, it’s important to use passwords smartly. Which isn’t hard to do, it just takes a little bit of effort.
What constitutes a weak password? That would be a password that’s easy for a human to guess or an automated password cracker to crack. Our researchers come across thousands of passwords during a penetration test. Recently, they listed several common password patterns that people often use in order to meet the complexity requirements. Here is the list for most common patterns: Common password patterns:
Uppercase first letter: Password
Two to four numbers at the end: Password123
For a special character, exclamation point at the end: Password123!
Wow. Anyone else think they were alone in adding an exclamation point at the end to add complexity? You can probably recognize some of your password habits in this list too. A lot of persons tend to think that they are alone
In addition, shorter passwords are weaker. The shorter it is, the faster it can be cracked with an automated tool. So the longer the better – in fact, it’s better to go with a passphrase, two-factor authentication or even a pass-sentence.