Password Security

Password fatigue refers to the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine. It is not uncommon for people to deal with these feelings by creating a password that meets many common minimum password requirements, such as being at least 8 characters long and including a number and a special character, and then reusing that password as much as possible in order to avoid creating new passwords to keep track of. You know this is a bad habit, so stop it now! Weak password security can leave you vulnerable to the following consequences:

  • Identity theft
  • Blackmail
  • Ransomware schemes
  • Data breaches
  • Computer hijacking
  • Loss of privacy

These are some examples of password security threats:

Dictionary attacks. This is a brute-force attack where cyberattackers use software to scan and test every word in a dictionary to see if it is a user’s password.

Phishing scams. Cyberattackers use malicious links and cloned websites to imitate legitimate websites, tricking users into divulging their login credentials.

Password spraying. Cyberattackers use extensive lists of frequently selected passwords to test against an individual’s username.

Credential stuffing. Cyberattackers use known passwords to gain access to account information.

Keylogging. Cyberattackers use installed malware to track a person’s keystrokes as they type on their computer, allowing them to identify usernames and passwords.

Two widely available types of resources exist to help you with the task of creating and managing passwords:

Password generators. Password generators create strong and unpredictable passwords. Examples of password generators include Dashlane, LastPass, NordPass, KeePass, and Strong Password Generator.

Password managers. Password managers keep track of your credentials and passwords. Features to look for include end-to-end encryption, multi-factor authentication (MFA), password sharing, password generation, and role-based permissions. Examples of password managers include Bitwarden, Dashlane, LastPass, NordPass, Keeper, and 1Password.

If you are still confident that you are the best person for the job of creating and retaining passwords, the following tips will help you to create a strong password:

No personal information. Strong passwords should not include any personal information or numbers, such as birthdates, names, addresses, zip codes, or phone numbers.

Combine letters, numbers, and symbols. Strong passwords are complex and include a variety of letters, numbers, and symbols.

Go long. Strong passwords are longer, and passwords at least 16 characters long lessen the chances of being breached.

Avoid real words. Cyberattackers can use software to crack passwords, so you should create passwords made of random letters and characters, and not real words or proper nouns.

Do not reuse. Reusing passwords decreases the security of your associated accounts.

Do not reuse a password that has been stolen. If you have been made aware that a password has been compromised, do not reuse that password in the future.
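
The tips above can be applied mechanically. The following Python sketch is an added example, not part of the original article: it checks a candidate password against each tip and generates a random one from the operating system's secure random source. The function names, the symbol set, and the sample personal details, word list, and old password are all constructed for illustration.

```python
import secrets
import string

SYMBOLS = "!@#$%^&*()-_=+[]{}"  # assumed symbol set; adjust to what a site accepts
ALPHABET = string.ascii_letters + string.digits + SYMBOLS
MIN_LENGTH = 16  # the article's "go long" threshold


def check_password(password, personal_info=(), wordlist=(), previously_used=()):
    """Return the tips a password violates; an empty list means it passes."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 16 characters")
    classes = (string.ascii_letters, string.digits, SYMBOLS)
    if not all(any(c in cls for c in password) for cls in classes):
        problems.append("missing a letter, number, or symbol")
    # Substring match, case-insensitive; very short items are skipped
    # because they would match random text by chance.
    if any(len(p) >= 3 and p.lower() in lowered for p in personal_info):
        problems.append("contains personal information")
    if any(len(w) >= 4 and w.lower() in lowered for w in wordlist):
        problems.append("contains a real word")
    if password in previously_used:
        problems.append("reused or previously compromised")
    return problems


def generate_password(length=MIN_LENGTH, **context):
    """Draw characters from the OS CSPRNG until every tip is satisfied."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 16")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_password(candidate, **context):
            return candidate


if __name__ == "__main__":
    # Constructed sample inputs, not real user data.
    me = ["Jordan", "1987", "90210"]
    words = ["summer", "password", "dragon"]
    old = ["Summer2023!Summer2023!"]
    for pw in ["Jordan1987!", "Summer2023!Summer2023!", generate_password()]:
        print(repr(pw), check_password(pw, me, words, old) or "ok")
```

The second sample is 22 characters long and mixes letters, numbers, and symbols, yet it still fails because it is built from a real word and has been used before.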