wArmour

How to create a Secure and Memorable Password

People are being told constantly that creating a strong password deflects 99% of attacks from hackers. What people aren’t told though is what actually counts as a strong password and how they stop hackers. This guide shows you the easiest ways of defending your accounts so that attackers don’t get easy access to your most sensitive data.

How People Hack

Firstly, I will tell you about how a hacker can get your details to your account, so that I can show you how to avoid these later. Inexperienced hackers will use the ‘Dictionary Attack’ which is exactly what it sounds like. It’s basically entering every word in the dictionary in the hopes that someone would have used one as a password e.g. banana. Even though it sounds like some goon sitting in their basement, looking at every word in a dictionary and typing it in, in the hopes that the password is one of these words.

This would be pointless as it would take months to get to the end of the dictionary, and would have been a complete waste of time if the target used a strong password. They actually do this task by using a program which does it for them, which is automated so the goon can do other things in their basement.

 

hacker

The elusive hacker in their natural habitat.

The next type of attack is the ‘Brute Force Attack’ which an expansion of a Dictionary Attack. This attack also uses random letters e.g. ‘asdfg’ or ‘zxcvb’. This has a larger range of opportunities as this also includes people who dragged their finger across their keyboard, thinking that out of 7.125 billion people on the planet, they were the only person to think of this as a password. This should show that only using letters for a password should be avoided.

For the professional hacker, they will use tools such as a KeyLogger. This does what it says on the tin and logs your keys. These can infect a victim’s computer through a malicious email or social media site (I’ll explain these in another post). KeyLoggers can be avoided by not opening said suspicious emails and their links, as opening the links (which are usually disguised as documents) is basically giving a hacker the keys to your accounts.

Remember: no business which holds important information, e.g. a bank, will come to you with a link asking you to change your password, so be aware of fake emails that use the same design as a legitimate email.

Creating a Good Password

The absolute simplest way of creating a strong password is using letters and numbers. This is often overlooked as some people may find it annoying by having to remember numbers, but this makes a password much stronger.

Some websites actually require you to use letters and numbers as this is a strong way of protecting an account. A common mistake is to use Password as an actual password, or Password1 if the site requires numbers. These are perhaps the most common passwords to exist and should be avoided. Instead you should use something that only you can remember, such as a pet’s name and a year e.g. Snowy1972. This is a strong password as it uses a mix of numbers and letters, and is something that is personal to you so you can remember it easily.

To create an even stronger password you would use symbols such as ,./?!’ which are required on a handful of websites, as these website may protect important information, one example being PayPal. These passwords are going to deter 99% of attacks as by using numbers, letters and symbols will stop automated programs from finding out your password.

Often a website will stop you from entering a password if you have tried to enter it too many times. Despite often being seen as a way of telling you that you don’t know your own password, this is a security measure to stop hackers from getting into your account by using aforementioned automated attacks.

Another way a website might stop automated attacks is the use of Captcha. This monitors to see if the person trying to access an account is a bot, as a bot is unable to read a scrambled image of text.

killcaptcha-1

Sometimes words are not just unreadable, but also outside the frame. If this happens you should probably use the refresh button.

That’s Not All!

It is thought that there are three components to someones account: the Username, the Password and the URL(you usually don’t have much control over the URL). I’ve spent the majority of this post talking about defending your password, but you should also spend some time coming up with a reliable username.

Many services already provide a username for you, such as WordPress which uses the generic username ‘Admin’. Many people tend to just keep this as Admin and only rely on the password as the main defence. Creating a strong username doesn’t need as much attention as the password, and can be easily done. It can be as easy as using your own name as chances are that it isn’t going to be a common username. Just by changing the username given to you can give you an extra line of defence.

What Could Happen

I’ll now go through a scary list of what could happen if your password does get compromised, so that this guide scares you into changing all your rubbish passwords:

-You could have all of your personal information leaked onto the internet if your desktop password is hacked.

-Your images on the computer can be accessed and put onto the internet, giving away your privacy.

-Your bank details can be revealed to a hacker, and they will take every penny you have.

-Any website you own can be spammed with bad links, which will knock it off Google, meaning that all the hours and money spent into it are wasted.

This could happen to you!

I hope this has helped understand why passwords are important towards your own privacy and details, as making a strong password can stop hackers from seeing the pictures you want hidden from the rest of the world.

 

Sources:

http://www.sodahead.com/fun/how-old-should-a-child-be-to-stay-home-alone/question-3115171/

http://designshack.net/articles/accessibility/should-we-kill-the-captcha/

Leave a comment

Get Secure - Get wArmour

WordPress is better when it’s wearing wArmour.
Contact us today to secure your website and resolve any existing problems!

Get wArmour