How Secure is Your Password? Best Passwords for Security
Have you experienced identity theft? According to statistical data, one of every three people in the United States has had their identity stolen. While bad actors on the Internet typically attack businesses and government institutions, individuals on the Internet are certainly not free from these dangers.
So, you may be wondering: what are the best passwords? Is my password secure? And if so, how secure is my password?
This article will give you some answers and provide you some information on the best passwords, whether you’re a college student, a gamer, or a concerned parent.
Password security: the basics
While experts sometimes have different opinions on specific aspects of password security, there are some basic tenets to follow to maximize security.
1) Amount of characters: longer is better
Every additional character for a password increases the time it would take for software to crack your password, thereby adding a barrier to your account. When it comes to the specifics of how many characters your password should contain, however, experts have different opinions.
Many websites require a password of 8-10 characters, but some technology experts recommend a password of 16 characters, or even more for people with additional security concerns such as administrators or managers. To be on the safe side, a 16-character password is likely your best bet to ensure your password is secure.
Arguably more important than length for a secure password, however, is the second criterion:
2) Special and complex characters
Have you noticed that websites’ password requirements increasingly ask for special characters or uppercase letters in your password? This is what is called password complexity, an important aspect of password security.
This article finds that an 11-character all-lowercase password would take 17,576 minutes to be cracked by a computer, while an 8-character complex password (defined as requiring one each of an uppercase letter, a lowercase letter, a digit, a number, and special character) would take 29,190 minutes to be cracked.
This demonstrates that complexity and length can both bolster the strength of your password, and ideally, for the best passwords, you should maximize both.
3) Memorability
The previous section discussed combining length and complexity to increase the security of your password. But who can remember something like “x65$Bd._523m”?
Thomas Baekdal makes a strong argument for usability, demonstrating that uncommon combinations of words like “fluffy is puffy” or “du-bi-du-bi-dub” can be secure far past your lifetime (39,637,200 years to crack and 531,855,448,467 years to crack respectively!)
Dictionary attacks, or attacks in which hacking software floods an account with lists of common words, are not effective when uncommon words are used in strange or absurd ways. So, when it comes to password security, memorability doesn’t have to compromise on safety.
4) Change your password frequently
When’s the last time you changed your password? A secure practice would be changing your passwords every three months, ensuring that, even if your password is breached, the intruder can be locked out again. This keeps hackers on their toes, who may be discouraged by your above-average cyber hygiene and look elsewhere for an easier target.
5) Variety
The final aspect of a secure password is variety, meaning you should use a different password for each account. Hackers may first go after less secure websites in order to gain access to more vulnerable information. Yes, you heard correctly: while you may think no one is interested enough in your Starbucks stars to hack your account, you should be worried if, like most people, you reuse the same password or a variation thereof for all your accounts.
Looking to put your password to the test? A password security checker may be a great tool to check how secure your password is. While there are a lot of very useful checkers out there, others may take advantage of their service to steal your information. For some secure programs from reputable sources, check out this article and find the best password security checker for your personal needs.
Password managers vs. password books
So, you may be thinking by now: all these tips sound like a lot to remember! Who has the time and energy to change their passwords every three months, especially with the tens of accounts the average Internet user has? And even if you do change them, how are you supposed to remember them? Isn’t security meant to prevent others from accessing your account, not to get yourself locked out?
No fear: In this section, the article will discuss the pros and cons of two different methods of managing password data, password managers and password books.
What is a password manager?
A password manager is a piece of software that collects all your usernames and passwords. That means that you don’t have to remember them all yourself!
A password book, on the other hand, is a bit more old school. It just refers to a notebook (or any other piece of paper) where you write down all of your usernames and passwords. Though some may find this option to be a bit insecure, given that you run the risk of your book being uncovered in a home invasion, it can still be a good option for some people.
Those who are on the move a lot, however, or those who live in a setting like a college dorm where others might be able to access your things, might not find this to be a practical option.
Multi-factor authentication
Multi-factor authentication is an authentication method that uses two or more external factors to verify a user’s identity. You may have heard the term “two-factor authentication” before, and it’s very similar: the only difference is that two-factor always uses two factors, whereas multi-factor might use two or more.
If an institution, for example, requests a password to access your email (factor #1) and then additionally requires you to enter a code that you receive either through a text or an e-mail (factor #2), it can be called “two-factor authentication.”
The specific methods used in this process are commonly divided into three types: this article succinctly defines these categories as “something you know,” “something you have,” and “something you are.”
Something you know could be a password, but it could also be anything else you remember and enter in the computer to verify your identity - a code, a pattern, or anything else like that.
Something you have, on the other hand, often refers to a cell phone, through which you receive a code (sometimes called an OTP, one-time password) that you enter into the system.
Finally, something you are refers to a part of the body that can prove the user’s identity. This could be anything from a retina scan, a fingerprint, face recognition, palm scanning, or something similar. Because these factors depend on a part of the body to prove a user’s identity, they are often called “biometric factors.” Many people can unlock their phones using face recognition today, and more and more devices include a fingerprint scanner for a convenient way to gain access.
Multi-factor authentication may be a great choice to add security to your devices. If you’re looking to implement multi-factor authentication on your accounts, take a look at this article to compare different softwares. The site allows you to search by specific factors, such as biometric, phone, and email, as well as other preferences like supported languages.
Conclusion
It’s always important to remember that no one can completely prevent security risks - all you can do is defend yourself as best as you can against them.
If you want to learn more about secure practice, check out this article about Brave Browser, an open-source web browser that centers user privacy with features like ad blocking and prevention of third-party data collection. Additionally, you can check out the Aspire Vero, an innovative device made with privacy and sustainability in mind.
About Malcolm Archibald: Malcolm is an SEO copywriter that helps businesses thrive. He's passionate about languages and helps companies improve traffic, bring in customers, and build a better web presence.
Patrick Yu is a Senior Project Manager at Level Interactive and has 8 years of experience writing business, legal, lifestyle, gaming, and technology articles. He is a significant contributor to Acer Corner and is currently based in Taipei, Taiwan.
Introducing: Email Digest
Every week, we’ll bring you the top 5 trending topics from our Acer Corner.
Find out how |