There’s only one entrance to the house: a steel door two feet thick. If someone from the outside touches the door, even with a battering ram, they’ll get an electric shock. No bad guys could get through, right?
Well, suppose the bad guy tricks the homeowner into opening the door and, once it’s open, strangles the homeowner. Do you see what happened? All that security is worthless if the homeowner can be tricked. And the same goes for passwords. You can have the longest, strongest, most gibberish-infused password around, but if you allow yourself to be skunked by a hacker, it’s over.
Think you can’t get skunked? A hacker could post a link to a “video” claiming it’s Taylor Swift showing off a significant weight gain (anything to get you to click), and you end up downloading a virus to your computer.
Or maybe you get suckered into giving your credit card number and the three-digit code on its back to some site to “re-verify your credentials” because your account has been “compromised”.
Security begins by not falling for these ruses but also by not having crummy passwords.
- Research shows that 90% of passwords are vulnerable to hacking
- The most common password is “123456” and the second most common password is “password”
- 1 in 5 Internet users have had their email or social networking account compromised or taken over without their permission
If you have a password that’s commonly used (yes, hundreds of people may have your exact password; you’re not as original as you think), then there’s a strong possibility it will be caught by what’s called a “dictionary attack”. A dictionary attack is when a hacker uses software that runs through real words and common number sequences in search of a hit.
Some examples of passwords that a dictionary attack will easily snatch are:
- password1, p@ssw0rd, passw0rd and pa55word
Let me stop here for a moment. What goes on in the heads of people who use a variation of the word “password” as a password? I’m sure that “pa$$word” is on this list too.
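To see why those variants are no safer than the word itself, here is an added example (not part of the original article) of a check a site or a user could run before accepting a password: it undoes common character swaps and trailing digits, then looks the result up in a wordlist. The tiny wordlist and substitution table are constructed for illustration; a real check would load a large list of known-common passwords.

```python
import re

# Constructed sample wordlist (assumption): stands in for a large list of
# known-common passwords that a real deployment would load from a file.
COMMON_WORDS = {"password", "123456", "qwerty", "letmein"}

# Look-alike characters mapped back to the letters they usually replace.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "5": "s", "$": "s",
                      "3": "e", "1": "i", "!": "i", "7": "t"})

# Digits and symbols tacked onto the end of a word, as in "password1".
TRAILING_PADDING = re.compile(r"[\d!@#$%^&*]+$")


def match_base_word(password):
    """Return the common word this password reduces to, or None.

    Checks four forms: the lowercased password, the same with trailing
    digits/symbols removed, and both of those with look-alike characters
    mapped back to letters.
    """
    lowered = password.lower()
    stripped = TRAILING_PADDING.sub("", lowered)
    forms = (lowered, stripped,
             lowered.translate(LEET), stripped.translate(LEET))
    for form in forms:
        if form and form in COMMON_WORDS:
            return form
    return None


if __name__ == "__main__":
    # The variants named in the article, plus one constructed random string.
    samples = ["password1", "p@ssw0rd", "passw0rd", "pa55word",
               "pa$$word", "123456", "vT9#qLm2xRw8"]
    for candidate in samples:
        base = match_base_word(candidate)
        verdict = f"reduces to '{base}'" if base else "no match in wordlist"
        print(f"{candidate:14} {verdict}")
```

Every variant the article lists collapses to the same base word, which is why swapping letters for symbols adds almost nothing against a dictionary attack.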
First, ask yourself if it’s super easy to remember any of your passwords. If it is, chances are they contain actual names of people or pets in your life. If you have your pet and its name plastered all over your Facebook page, a hacker will probably figure that your password contains the name.
Another way to easily remember and type passwords is to use keyboard sequences. Maybe you use the same password for 14 accounts: 123kupkake. Is this easy for a hacker to crack? Most definitely. Imagine a hacker cracking this with his software (it’ll take about 10 days). He’ll get into all your accounts.
There are many password manager services out there to help you create a strong, long password, though randomly hitting keys on your keyboard will produce the same result. But the password manager will grant you a single password to get into all your accounts, sparing you the drudgery of having to remember 14 long passwords of jumbled characters.
Another layer of security is to try to only register with online accounts that have two-step authentication. For instance, see if your bank offers this (though many actually don’t). Two-step authentication makes it next to impossible for someone to hack into your account.
So, to recap: strong and long passwords; different passwords for all of your accounts; a password manager; two-step authentication; and what else? Don’t be suckered into giving up your private information!