There does not seem to be consensus on an appropriate minimum password length, but it’s a good approach to make your passwords at least 12-14 characters long. In general, the longer the password, the better your odds are against a brute force attack.

A brute force attack is an attack method often used by hackers where they do exactly what the name describes: they try to guess your password as many times as the system will allow. Often, hackers will use automation to do this quickly and efficiently. The longer your password, the longer this method will take and the greater the likelihood that they will be locked out by the system.

A great way to get a long password that’s easy to remember is to use passphrases. At one time, the recommendation was to use complex passwords with random characters and numbers, but those can be hard to remember, confusing, and difficult to type. Passphrases are a series of random words or a sentence that are much easier to remember and type, but still hard for cyber attackers to hack.

*Please remember, these are examples only. You should not use these as passwords since they are on a public webpage.*

But, can they really hack into my accounts that quickly?

To give you some context, let’s look at the password ‘123456789’. Since this password contains a sequence, it would be one of the first combinations a hacker would try. It’s estimated that it would take a human about 15 minutes to crack this password. If we factor in the automation we talked about above, it’s estimated that a supercomputer could hack this password in 0.0085 seconds! If we take a slightly longer and randomized set of characters, such as ‘whithgildnqz’, our odds get exponentially better. It would likely take a hacker over a year to crack this more complex password.

What about special characters and numbers?

Special characters and numbers definitely add complexity and make it more challenging for hackers. Try swapping out letters for a number or special character. For example:

But remember, the longer the password the better.

That’s great that I can use passphrases, but I still have all these passwords! How am I supposed to remember them all?

Password managers can be a great resource. Many products offer free versions if you are able to accept some limitations. Paid versions are also available that often allow you to store and access all your passwords across multiple devices. With a password manager, you just need to remember the one master password (so it’s important that it’s your best password). They can help generate strong, long, random passwords automatically. Many of the tools out there will give you the ability to store other sensitive information such as credit card numbers, membership cards or private notes. There are lots of products on the market, all with their pros and cons, but some examples are LastPass, Dashlane and 1Password. A quick Google search will give you more information on which one may be the best fit for you. If you would like to recommend a specific product, please email

else I should consider?

Enable two-factor authentication whenever possible. While a great passphrase will help secure you and the Commonwealth’s data, a second factor makes it that much more difficult for hackers to gain access.

Do not reuse passwords across systems. Each account should have a unique password. This is when a password manager really comes in handy.

Avoid passwords with patterns such as 12345, QWERTY or ABCDE. These are often the first combinations that a hacker will guess.

Avoid using personal information in your passwords such as your name, address, birthday. It’s also important to avoid using information about you that’s publicly available, such as your favorite sports team that you’ve posted to Instagram countless times. Remember, passwords are supposed to be a secret and are the key to all your accounts and information. If you do need to share a password to a critical account, such as sharing the password to your bank account with a family member in case of an emergency, consider using a password manager to do so. This will give you the ability to determine the level of access (e.g. read/write) and revoke access if necessary.

Consider occasionally checking sites such as “Have I Been Pwned” which tracks whether an account and the associated password have been involved in a data breach.
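The rules in this article (at least 12 characters, no sequences or keyboard patterns, no personal information, no reuse) can be checked mechanically against a list of your own passwords. The following is an added example, not part of the original article; the function names, the 4-character pattern window, the keyboard-row list and the sample data are assumptions made for illustration.

```python
from collections import Counter

MIN_LENGTH = 12  # lower end of the article's 12-14 character suggestion
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")  # assumed US layout
RUN = 4  # assumed: flag runs of 4+ characters such as 1234, dcba, qwer


def has_pattern(password):
    """True if any RUN-length window is an ascending/descending run or a keyboard row."""
    low = password.lower()
    for i in range(len(low) - RUN + 1):
        chunk = low[i:i + RUN]
        steps = {ord(b) - ord(a) for a, b in zip(chunk, chunk[1:])}
        if chunk.isalnum() and steps in ({1}, {-1}):
            return True
        if any(chunk in row or chunk[::-1] in row for row in KEYBOARD_ROWS):
            return True
    return False


def audit_vault(vault, personal_terms=()):
    """Map each account name to the list of rules its password breaks."""
    counts = Counter(vault.values())
    report = {}
    for account, password in vault.items():
        findings = []
        if len(password) < MIN_LENGTH:
            findings.append("too_short")
        if has_pattern(password):
            findings.append("pattern")
        if any(term.lower() in password.lower() for term in personal_terms):
            findings.append("personal_info")
        if counts[password] > 1:
            findings.append("reused")
        report[account] = findings
    return report


# Constructed sample data: account names, passwords and personal terms are made up,
# except '123456789' and 'whithgildnqz', which the article itself uses.
SAMPLE_VAULT = {
    "bank": "123456789",
    "email": "whithgildnqz",
    "forum": "whithgildnqz",
    "social": "RedSox2004forever!",
    "work": "maple-trumpet-orbit-lantern",
}

if __name__ == "__main__":
    for account, findings in audit_vault(SAMPLE_VAULT, ["redsox", "boston"]).items():
        print(f"{account:7} {', '.join(findings) or 'ok'}")
```

Run it only on a machine you trust, since it needs the passwords in plain text; an empty findings list means none of these four rules was broken, not that the password is uncrackable.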