What is a strong password? How to create a secure password

It is wise to check your password for social networks, internet banking, webshops and other websites once in a while. Are the passwords strong enough? How long have you been using this password? Here are our tips for creating a strong password.

Standard is not good enough

Many websites and companies require you to use at least 8 characters when creating a password and it must also contain a lowercase letter, a capital letter and a number.

But if you stick to this minimum, your password is very vulnerable. The password “Krx3Si4t” may seem very strong, but research shows that this password will be cracked in just 2 hours. Maybe add a special character? “Kr@x3Si4” is already a bit stronger, but it doesn’t last long either, because it is cracked in 9 hours. Check it out for yourself if you don’t believe me: https://howsecureismypassword.net/

How do you ensure a strong password?

  1. Provide a long password.
  2. Choose a different password for each website/app. Use a password manager.
  3. Activate ‘2 factor authentication’ (2 step verification) where possible.

Long password

How is it possible that a password like “Kr@x3Si4” gets cracked by a hacker in 9 hours? That’s because hackers use guessing software.

Guessing software can make thousands of guesses in a minute, cracking a short password quickly. Unfortunately for us, this software is also very up-to-date and can therefore also guess numbers and special characters. That causes a little more delay, because then the software has to make more guesses, but it will crack your password anyway.

The solution: a long password!

Is your password “mynameisharry”? Then you use no capital letters, no numbers and no special characters. And yet it takes guessing software about 51 years to crack the password. This is because it has more characters, and the more characters there are, the more combinations are possible. You need a password of about 11 characters to create a really strong password.

For example, choose “rfv5Tgb@uio”. This password contains 11 characters and meets the minimum requirements (lowercase letters, uppercase letters, a number and a special character) that you encounter everywhere when creating a password. It would take guessing software about 400 years to crack this password, but if you delete the ‘o’, for example, it would only take 6 years to crack the password.
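The arithmetic behind "more characters, more combinations", as an added example that is not part of the original article: it counts how many candidates an exhaustive search has to cover for each of the article's sample passwords. The guess rate is an assumed value, so the absolute times will not match the article's figures; the comparison between passwords is the point.

```python
import math
import string

# Printable-ASCII classes; a search must cover every class the password uses.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def alphabet_size(password):
    """Number of symbols in the character classes this password draws from."""
    if not password:
        raise ValueError("empty password")
    unknown = [c for c in password if not any(c in cls for cls in CLASSES)]
    if unknown:
        raise ValueError(f"characters outside the modelled classes: {unknown!r}")
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def search_space(password):
    """Candidates an exhaustive search must cover: alphabet ** length."""
    return alphabet_size(password) ** len(password)


def years_to_exhaust(password, guesses_per_second):
    """Worst-case years to try every candidate at the given (assumed) rate."""
    return search_space(password) / guesses_per_second / SECONDS_PER_YEAR


def rank(passwords, guesses_per_second):
    """Return (password, alphabet, length, bits, years) rows, weakest first."""
    rows = [(p, alphabet_size(p), len(p), math.log2(search_space(p)),
             years_to_exhaust(p, guesses_per_second)) for p in passwords]
    return sorted(rows, key=lambda r: r[3])


if __name__ == "__main__":
    # Passwords are the article's examples; the rate is an assumed value.
    ASSUMED_RATE = 1e9
    samples = ["Krx3Si4t", "Kr@x3Si4", "mynameisharry", "rfv5Tgb@uio", "rfv5Tgb@ui"]
    for p, alpha, n, bits, years in rank(samples, ASSUMED_RATE):
        print(f"{p:15} alphabet={alpha:3} length={n:2} bits={bits:5.1f} years={years:.3g}")
```

This models exhaustive search only, so it is an upper bound: it says nothing about passwords that appear in word lists or breach dumps.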

Too hard to remember? You can also use a passphrase: you take a sentence, remove the spaces and replace certain letters with numbers, such as the letter ‘o’ with a zero and the ‘e’ with the number three, or with special characters, such as the letter ‘a’ with ‘@’. For example, you get “IkBen30j@ar” or “IkH0uV@nEten”.

That is fairly easy to remember and very difficult for guessing software to crack. On the other hand, you shouldn’t have to remember those long passwords at all, because that’s what we use password managers for.

A different password everywhere (password manager)

It is not only important that you use a long and complex password, it is even more important to use a different password on each website/app/service. Thousands of websites are hacked every day. If you then use the same password everywhere, all your other accounts are also at risk if one is hacked. For example, a hacker who knows your Twitter password can also log into your Gmail.

Using a different password everywhere is obviously impossible to remember unless you have a photographic memory. We solve this by using a password manager. You can compare such a password manager with a safe: the safe contains all my different logins and the safe is protected with a master password. So I only have to remember the master password and then the password manager logs me in automatically everywhere.

For example, use the password manager LastPass. Not only does it remember your passwords, but this app also generates long and complex passwords so you don’t have to worry about them. LastPass works on Android smartphones as well as Windows, Mac and iOS devices. There is also a lot of good to say about Dashlane, but you pay a small monthly fee for that app.

Interested in a password manager? Then be sure to read this article about the best password managers.

Two-factor authentication (two-step verification)

Unfortunately, no password is completely secure. If a website is hacked and you have an account with that website, the hacker will have your login details. Since you now have a different password everywhere, it is not a huge drama, but it is of course not nice that the hacker will be able to get into your account.

Fortunately, you can still outsmart the hacker!

‘2 factor authentication’, ‘2 step verification’, ‘two step verification’ or ‘2FA’: it has different names but they are all the same. 2FA is an extra security layer that asks for an extra security code after your regular password. Every time you log in on a new device and you have activated 2FA, the website/app/service will also ask for an extra code after your password. You can get this code via a USB stick, a text message or via an app. The best app is Authy, but you also have LastPass Authenticator and Google Authenticator which are very good.

By using 2FA you make it extra difficult for a hacker to gain access to your account, because in addition to your password, they also need your smartphone to receive the text message or to open the Authenticator app. There are already many websites that offer 2FA. The most used social media channels (Facebook, Instagram, Twitter, Snapchat, and Pinterest) have 2FA and many other websites offer it as well. The full list can be found here: https://twofactorauth.org/

Check

Via the website Have I Been Pwned you can check whether your login details have ever been obtained by a hacker. Entering just your email address is enough to see whether you urgently need to change your password or not. When you have done the check, you can select ‘Notify me when I get pwned’ to immediately receive an email when a hacker has accessed your data.

So now you know perfectly how to create a strong password and how to properly secure your accounts. Do you have another good tip? Be sure to let us know in the comments.

– Thanks to Androidworld for the information.
