
How hackable is your password?

Passwords have been an integral part of our daily lives for some decades now, acting as a critical gatekeeper and guarding our digital identities. Since the beginning of the cyber age, we have fully trusted that our password will protect us online from hackers and scammers, but a lot has happened since those days when users only needed to remember a few passwords.

With the rapid development of ecommerce, social media and self-service sites, we now have to get accustomed to managing dozens of usernames and passwords, and sometimes security answers. Memorising a password that is eight characters long and ensuring that it contains lowercase or uppercase letters, numbers and special characters can be a tiresome chore, only to have it expire in 90 days and have to reset it all over again.

Unless your password was randomly generated, it is probably locked away in your mind somewhere. Brute-force memory retrieval is not usually very effective, so what can you do to try to remember what your password was? Thank goodness for the “Forgotten your password?” option as a backup. Most people create passwords based on people, places, and things in their personal and professional lives, e.g., your dog’s name, your spouse’s birthdate, and other words and phrases related to your life that are possibly discoverable on your social media profiles.

According to research by one password management company, an average person has about 70-80 passwords. To put this into perspective, 80 words can make up a four-verse poem, or a pop song, not counting the repetition of the chorus. Eighty passwords are a lot to memorise. Unique passwords offer better security because if one of your online accounts is compromised, the same password cannot be used to access another service.

The most commonly used passwords have not changed much in the last seven years, proving that most people do not put enough effort into creating a complex password. The 2020 top five are:

1. 123456
2. 123456789
3. qwerty
4. password
5. 111111


Qwerty comes from the order of the first six keys on the top left letter row of the keyboard.

“We now partly understand why people use easy-to-guess passwords — they simply have too many to remember. So there is no surprise that people use either very easy passwords or have a few and reuse them for all accounts,” says Chad Hammond, a security expert at NordPass Password Manager. “People also often think they have nothing to hide. But no one leaves their house unlocked. Even if there is nothing valuable inside, nobody would like strangers sniffing around. And just imagine them changing the lock. The same applies to your online life. Nobody wants to lose access to their personal accounts, especially paying thousands in ransom afterwards,” explained Chad Hammond.

The use of first names inside passwords is very common, especially first names that are already included in email addresses, making them easier to remember. Capital letters, with A being the most used, and numbers, e.g., 123 or 789, are the most predictable pattern when creating passwords.

Educational domain users and students at tertiary level are likely to choose common passwords. They do not regard their .edu email addresses as useful enough to be hacked, so they tend to create easy-to-guess passwords, with the most common being simple words of their current activity, e.g., soccer, football, etc.

But it is not just online accounts that can be hacked; other passwords, such as those for Wi-Fi and mobile phones, face the same risk. A weak Wi-Fi or mobile phone password can make way for an online fraudster to steal your most precious data and, worse, your other passwords if they are stored on your phone. It is no surprise that some mobile phones can be easily accessed with passwords like 1234, 0000, 1111, etc.

Here are some tips from security experts on improving your password strength:

1. Do not reuse passwords on any account.
2. Use a password that is longer than eight characters.
3. Do not include any words in your email address as part of your password.
4. Always include numbers, capital letters, and special characters in passwords. But many passwords start with a capital letter and end with a number (often the current year). Do not follow that pattern.
5. Do not include common names, common cities, or common cultural references.

To learn more about passwords and reduce the risk of being hacked, go to: https://bit.ly/2GDaiVN.

Tell us your password horror stories and tips that you wish, in hindsight, you had adopted by emailing us at: publications@graduatehouse.com.au
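Tips 1 to 4 above can be checked mechanically before a password is accepted. The following Python sketch is an added example, not part of the original article: the function names, the sample email address and the choice to test only the part of the address before the "@" are assumptions, and tip 5 is left out because it needs a wordlist of names, cities and cultural references.

```python
import re

# The 2020 top five quoted in the article.
TOP_FIVE = {"123456", "123456789", "qwerty", "password", "111111"}

def email_words(email, min_len=3):
    """Words in the part of the address before '@' (assumption: local part only)."""
    local = email.lower().split("@")[0]
    return {w for w in re.split(r"[^a-z]+", local) if len(w) >= min_len}

def check_password(password, email, other_passwords=()):
    """Return the list of tips the candidate breaks; an empty list means none."""
    problems = []
    lowered = password.lower()
    if password in other_passwords:
        problems.append("reused")                      # tip 1
    if len(password) <= 8:
        problems.append("too short")                   # tip 2
    if any(word in lowered for word in email_words(email)):
        problems.append("contains email word")         # tip 3
    # Tip 4: a digit, a capital letter and a special character must all appear.
    classes = [r"[0-9]", r"[A-Z]", r"[^A-Za-z0-9]"]
    if not all(re.search(c, password) for c in classes):
        problems.append("missing character class")
    # Tip 4 caveat: capital letter first, number last (e.g. a name plus a year).
    if re.fullmatch(r"[A-Z].*[0-9]", password, re.S):
        problems.append("capital-first, digits-last")
    if lowered in TOP_FIVE:
        problems.append("top-five password")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    for candidate in ("Soccer2020", "qwerty", "Samlee!2021", "tr4il-Mix&orbit"):
        print(candidate, check_password(candidate, "sam.lee@example.edu"))
```

A password such as Soccer2020 is longer than eight characters and mixes capitals and numbers, yet it is still flagged for following the capital-first, number-last pattern the tips warn about.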

Phone: +61 3 9347 3428 admingh@graduatehouse.com.au 220 Leicester Street, Carlton, Victoria 3053 www.graduatehouse.com.au ABN: 55610664963 IARN: A0023234B
