In the world of cyber security, no topic is more important (or more derided) than that of passwords. Passwords are everywhere. They help personal users log into their online banking information, give system administrators in a business access to mission-critical file servers and more. Passwords as a concept are inherently secure; they’re the first line of defense between the user and an attacker who wants to do harm. The thing that makes passwords such a hot-button topic, however, ultimately rests with the users themselves.
Simply having a password is not enough to keep anything safe in the digital age. Having a strong, complicated password is – but for many users, even in the world of business, this is often a lot easier said than done.
The Problem with Passwords
A number of studies are done on an annual basis which take a deeper look into the password-creation habits of users all over the world. One trend is overwhelmingly clear: users prefer simple, almost generic passwords above any other kind. Two of the most commonly used passwords are “12345” and “password” which, while they are technically passwords, pose a number of challenges that cannot be ignored.
First, something like “12345” is incredibly easy to guess. You don’t even have to be a “hacker” in the strictest sense of the term to guess that password, you just have to try it out and get lucky. Another issue presented when a person uses a weak password is that it IS possible for sophisticated computer software to “guess” these terms or phrases during a brute force attack, unlocking the associated account in a startlingly short amount of time.
When a user employs the password “12345” for their favorite movie-related website, that’s one thing. When a business user has the password “12345” on an online account holding important client financial information, you can begin to get an idea of just how serious this issue really is.
Not All Passwords Are Created Equally
One of the most important ways to remain safe in today’s online environment is through the creation of STRONG passwords that are a combination of not only numbers and letters, but also special symbols. “Aardvark1” may seem hard to guess to a human, but a computer can do it in a couple of minutes. “[email protected]!”, on the other hand, complicates things greatly and makes the password more difficult to crack.
For the best results, a password shouldn’t actually be a word at all. The strongest passwords are not only long (many experts recommend a minimum of 12 characters), but are also completely incomprehensible. Something like “a2398urasdf&#()$+” would take years for even a powerful computer to come remotely close to guessing.
The problem, however, is remembering dozens of complex passwords. Password managers were created for this exact purpose, as not only do they give users the ability to automatically generate strong passwords, but they then keep a record of all these passwords in a secure database so that users can refer to them in seconds when logging in online.