Passwords are the digital keys to our networks of friends, our work colleagues, and even our banking and payment services. We want to keep our passwords private to protect our personal lives, and that includes our financial information. While some cyber criminals may want to hack into our social networking or email accounts, most want the financial gain that hacking bank accounts can bring.
The most important two passwords are those for your email and social network accounts. If someone gains access to your email account, they could use the “forgot your password?” link on other websites you use, like online shopping or banking sites. If a hacker gets into your social network, they have the ability to scam your friends by sending out links to dangerous websites or posting fraudulent messages asking for money. The bottom line is that a good password is all that may stand between you and a cybercriminal.
How is it done?
There are many ways that hackers can crack your password outside of phishing attempts and spyware. One method is by attempting to log on to your account and guessing your password based off of personal information gained from your security questions. This is why it is extremely important not to include any personal information in your passwords.
Another way that hackers can attempt to gain access to your password is via a password cracker. A password cracker uses brute force by using multiple combinations of characters repeatedly until it gains access to the account.
The shorter and less complex your password is, the quicker it can be for the program to come up with the correct combination of characters. The longer and more complex your password is, the less likely the attacker will use the brute force method, because of the lengthy amount of time it will take for the
program to figure it out. Instead, they’ll use a method called a dictionary attack, where the program will cycle through a predefined list of common words that are used in passwords.
How You Can Create a Secure Password
In order to avoid being a victim of these kinds of hacks, we’ve amassed a collection of Do’s and Don’ts on how to choose a secure user password*.
*A secure password is one a hacker can’t easily guess or crack using software tools and one that is unique and complex.
Do use Two-Factor Authentication (2FA) whenever possible. 2FA adds another layer of security to any account you may be logging into. When using 2FA, you can choose two of three types of identification to provide:
A password or pin number.
A tangible item such as the last 4 digits of a credit card in your possession or a mobile device that a code can be sent to.
A part of you such as a fingerprint or voiceprint.
Do use a combination of uppercase and lowercase letters, symbols and numbers.
Don’t use commonly used passwords such as 123456, the word “password,” “qwerty”, “111111”, or a word like, “monkey”.
Do make sure your user passwords are at least eight characters long. The more characters and symbols your passwords contain, the more difficult they are to guess.
Don’t use a solitary word in any language. Hackers have dictionary-based systems to crack these types of passwords. If you insist on using a word, misspell it as much as possible, or insert numbers for letters. For example, if you want to use the phrase “I love chocolate” you can change it to @1L0v3CH0c0L4t3!
Don’t use a derivative of your name, the name of a family member or the name of a pet. In addition to names, do not use phone numbers, addresses, birthdays or Social Security numbers.
Don’t use the same password across multiple websites. If remembering multiple passwords is an issue, you can use a password manager such as Norton Identity Safe to securely store your passwords.
Do use abbreviated phrases for passwords. You can choose a phrase such as “I want to go to England.” You can convert this phrase to an abbreviation by using the first letters of each word and changing the word “to” to a number “2.” This will result in the following basic password phrase: iw2g2e. Make it even more complex by adding punctuation, spaces or symbols: %iw2g2e!@
Don’t write your passwords down, share them with anyone or let anyone see you log into devices or websites.
Do change your passwords regularly.
Do log out of websites and devices when you are finished using them.
Don’t answer “yes” when prompted to save your password to a particular computer’s browser. Instead, rely on a strong password committed to memory or stored in a dependable password management program. Norton Security stores your passwords securely and fills them in online in encrypted form.
Credit – https://us.norton.com/internetsecurity-how-to-how-to-choose-a-secure-password.html