How to come up with a great password

image (1).png

BY KERRY TOMLINSON, AMPERE NEWS

JULY 9, 2021

Mentalists can listen to clues in what you say to make it seem like they're reading your mind. 

Malicious hackers just have to check your your social media.

There, they often find everything they need to guess your passwords --- pet's names, favorite pizza, dream car and more. That's why we need to get a bit creative when it comes to these annoying but crucial pieces of our digital lives. 

Here's how to do it, with the help of the National Institute of Standards and Technology, or NIST, the agency that sets the, well, standards for things like this.

#1 - MAKE IT LONG

Shoot for a minimum of 15 characters. Why? Because cyber criminals can use automated systems to crack short passwords. Some eight character passwords can be cracked in seconds. Longer passwords can take years to crack.  

Some cybersecurity experts use passwords that are between 15 and 30 characters long. 

For example, a password like 'iloveyou' can be cracked instantly, but a password like 'amperenewsheckyeah' could take 43 million years to crack, according to this chart from Hive Systems.

#2 - USE RANDOM WORDS

In the past, experts advised against "dictionary" words because crooks can use automation to check out common words. Now, dictionary words are considered okay --- if you use multiple words at once.

Some experts recommend using a random word generator --- or your imagination --- to come up with five words in a row.

For example, "SnowStampFlashPianoLift" is 23 characters long. It would take 6 trillion years to crack, according to Hive Systems --- quite a strong password. 

Other experts suggest coming up with passphrases, such as "IlikeAmpereNewsalldaylong". That's 25 characters, but also relatively easy to type.

#3 - STORE THEM IN YOUR PASSWORD MANAGER

These long passwords are hard to remember --- and you don't have to. One of the top ways to keep yourself safer online is to use a password manager, a program that stores passwords for you on your phone and computer.

Use one long, strong password that you can remember to get into your password manager. Then you can forget the rest until you need them.

#4 - BE UNPOPULAR

Popular passwords are crackable passwords. In fact, digital thieves use databases of popular passwords to check your accounts.

If their automated system finds you using one, they'll break in and steal your money and/or your accounts, or sell it on the underground market.

It's not just I-put-zero-effort-into-this passwords like 987654 or QWERTY, but also fun words like monkey, cheese, football and starwars, according to popular passwords lists. 

For 2020, some of the top passwords included picture1, Million2 and ashley, according to NordPass

If you're an attacker, you'll try these kinds of common passwords first for an easy hit-and-run.

#5 - BE UNIQUE

One of the easiest ways to get hacked is to use the same password on different accounts. Why? Attackers test passwords from data breaches everywhere they can.

So, if you used the password 'summer2021' for your kids' soccer account and the site is hacked, attackers know to try  'summer2021' on all of your accounts. 

Google study from 2019 found that about half of people surveyed reuse passwords, and 13% use the same password for all accounts.

Make different passwords for each account and store them in your password manager.

There is a chance that password managers can be hacked, but experts say you are much more likely to fall victim through reusing passwords than through any kind of manager breach.

#6 - OLD SCHOOL, OLD RULES

Some sites and systems have not caught up with the latest advice from NIST. They may require you to use lower case, upper case, numbers and symbols as well.  

That's where a password manager really comes in handy, since it's a lot harder to remember and type "I1ik3^mp3r3News^llday10ng" than the simpler alternative.

No More Passwords

There is an end in sight. Many companies are working toward passwordless systems. Until then, follow these tips and you'll have a safer, more headache-free experience online.

What makes a password great? How well it keeps an attacker out.

 

Featured Stories

Featured
Scammers are stealing people's faces for live video calls
Scammers are stealing people's faces for live video calls

Criminals are swiping peoples pictures from social media and using them to create deepfakes for live calls with their victims. Romance scammers revealed these strategies and more in brazen social media posts about their tools and tactics. Their videos show real conversations with victims as the scam plays out.

Learn to detect a deepfake voice with an Elon Musk clone
Learn to detect a deepfake voice with an Elon Musk clone

Fake voice attacks are coming in through your phone and your social media. A new round of Elon Musk fakes shows how criminals are using the clones against you and how you can detect them. In this latest scam ad on YouTube, the Elon clone claims you're one of 45 people he's hand-picked to try out his new money-making venture.

Would you fall for this fake email written by AI?
Would you fall for this fake email written by AI?

The future is here. Attackers have begun to use artificial intelligence to write effective and realistic phishing emails, just as security experts predicted. The target here: people at six universities. Now we need to change how we look at suspicious emails to protect ourselves even further.

Here's how easy it is for scammers to use PayPal to trick you
Here's how easy it is for scammers to use PayPal to trick you

Scammers have found an easy way to trick us by sending real PayPal invoices from a real PayPal email address. It's easy for them to do and it can fool you into paying or, even worse, calling to stop the purchase. Here's how it works.

Thieves are running illegal travel agencies with your stolen points
Thieves are running illegal travel agencies with your stolen points

Thieves are raiding your rewards accounts, looking for air miles and hotel points to steal. They're turning your rewards into their riches, running illegal travel agencies on the underground market. Here's how they get into your accounts and how to stop them.

Patrick Miller