Tips to Create a
Secure Password
Never before has it been so important to possess an essentially perfect password. The Bitkom Cloud Monitor 2017 shows that over 60 percent of companies use the cloud – and the trend is set to rise. But the problem is that highly sensitive data is also placed in a remote environment, of course, which might attract hackers. And however much other security measures shield this environment as well, a good password is indispensable. This article sheds some light on the perfidious methods of cyber-criminals and provides five of the best tips to create a perfect password.
Ransomware describes trojans that are placed on the computers of their victims, where they block or encrypt data. Companies are not able to access their datasets until they have paid a certain amount, the ransom. This dirty trick is particularly effective when hitting companies that are highly dependent on their data. In many cases they will transfer the amount to an international account in Bitcoin currency. The best way to prevent ransomware is to install software that thwarts the attack before it can take effect.
A brute force attack is a frequently encountered – if albeit somewhat crude – method used by cyber criminals: the hackers run a number of programs to input all possible character combinations. The method is simply repeated until the password is cracked. Essentially it means that any code can be decrypted.
The dictionary method is more or less the manual version of a brute force attack. The hackers do not try out every character combination and instead use lists, for instance of the most popular passwords. And indeed, the top three really are “123456”, “123456789” and “Qwerty”. So if you actually use one of these passwords or something similar, you are strongly advised to read our five tips for a perfect password as quickly as possible!
A secure password should on no accounts consist only of letters. You must also use numbers, special characters and caps. Not only do they thwart the dictionary method, they also make a successful brute force attack significantly more difficult. A great trick is to replace letters with numbers and special characters, so an “i” will become “!”, an “o” turns into a “0” and “s” is written as “$”. This way, the simple term “Microsoft” morphs into the substantially harder word “M!cr0$0ft”.
It’s easy: the longer the password, the harder it is to crack. The length of the code can be decisive, especially for brute force attacks. The following calculation example indicates the principal:
Possible number of combinations = Number of characterspassword length
So if you use a seven-digit password consisting of caps, letters and numbers (62 characters), the possible number of combinations is 3,521,614,606,208 (over 3.5 trillion). The number rises to 218 trillion cycles needed to crack the code, merely by adding another digit. This means that if your password comprises more than 10 digits and additional special characters, decryption would take several years.This trick shows you how to create a complex password that only you can remember. Think of a sentence and place the first letters of each word in a row. So the sentence, “My Name is Joe Bloggs and I was born on 1 January 1900!” would produce the following password: “MNjJBaIwbo1J1900!” It’s long, contains numbers, special characters, caps and letters, and it’s definitely not found in any dictionary. Perfect!
The World Wide Web can also come to your assistance if you don’t want to think up your own password. There are plenty of password generators on the Internet that use random strings to produce a password. But be careful! It’s very difficult to remember these combinations.
The trickiest question among security managers: is it important to reset passwords regularly? And if so, in which intervals? It may appear sensible to change passwords regularly to ward off cyber-attacks, at least at first glance. But experts take a nuanced view. Many users only make minor changes to their password, turning “password1” into “password2”. These patterns are easy to predict. What’s more, people tend to choose easy passwords if they know that they have to be changed soon anyway.
To reset or not to reset? Our expert Rene Schoppe, IT Security Sales Specialist, advises: “I recommend changing your password on a quarterly basis, so every three months. That’s also the general advice given by the Federal Office for Information Security (BSI). Most systems send an automatic reminder every 2 to 3 months to restore the password, and so it is wise not to ignore this advice. You need to reset your password immediately following a successful hack of a portal you use and the theft of data. The most important aspect is to use a secure password. Password generators are handy tools in this regard.”
Some may believe that this tip is blatantly obvious, but it is still the most important one: never give anyone your password. Not even a friend, colleague or spouse. Also refrain from keeping notes of your passwords. While they make it easier to remember the codes, the implications can be fatal if they fall into the wrong hands.
100 percent protection does not exist. Every password can be cracked somehow. So the pertinent question is how long it takes. The use of long combinations, comprising letters, numbers and special characters is the first step toward effective protection of your data. Our experts are glad to advise you.
Discover Managed Security ServicesLeave a comment to let us know what you think about this topic!
Leave a comment
