Think you have a strong password? You may want to think twice about that after you study some of the most recent reports on cyber security and password detection analysis. Despite years of warnings about the importance of selecting strong, secure, and difficult to guess passwords, Americans are still lackadaisical about their passwords. Too many of us use personal information that can be found on social media to secure our banking sites or use birthdays, anniversaries, or our pet’s name to protect our login information. Still, even more of us use the same password and username for all of our accounts, from our Facebook page to our retirement funds. All of these methods are considered risky behaviors by cybercrime experts. Let’s explore some of the weakest passwords to see how fast they can be hacked as well as take a look at how you can improve your passwords in a few simple steps. Finally, we will analyze the risks associated with weak passwords and how that could impact you personally or professionally.
Most Common Passwords
Take a quick guess at what the most common passwords are across the globe before we tell you. A pet’s name? Your surname? Important birthdays or anniversaries? You may be surprised to know that, according to Statista research in 2020, the most common passwords globally are: 123456*, picture1, password, 111111, and 123123 in the top five spots. Rounding out the top ten are qwerty, test1, and abc123*. If you recognize any of these as your password(s), it’s time to get serious about your data and start changing your login information pronto.
How Fast Can Your Password Be Hacked?
This is the question every online user should be asking every time they set up a new login or enter personal or financial data. Businesses, most especially those bound by compliance regulations like HIPAA, should be using a password manager and regularly changing all credentials to ensure vulnerabilities do not exist. If you are wondering about the commonality (and consequently, the weakness) of your password, we suggest you try out your most used passwords on a password strength meter such as Password Monster or How Secure Is My Password.net. Here you will find out how common your passwords are along with how fast a hacker could procure your information in minutes or even seconds. The results can be eye-opening to many who falsely believe they have a strong password, or that their data is not important enough to warrant a password review. For example, “qwerty” takes under a minute to be hacked, as do all of the top contenders for weakest passwords. Computer programs can systematically go through your password possibilities in mere seconds and determine the most likely options given your name, age, and personal information detected on social media or anywhere online. Try out your favorite passwords to see how fast they can be hacked. The programs will not only give you an analysis of how fast you could be hacked but will tell you what they found, such as a surname or dictionary word that could be easily guessed or surmised through a computer program.
In general, if your password is 8 characters or less, it can be cracked instantly. That number goes up as you add characters, upper and lower case variation, numbers, and special characters.
Use a Password Manager
Unfortunately, as you add numbers, characters, and special symbols, the likelihood that you will forget the password goes up too. That’s where a password manager can come in very handy. These programs can choose a strong password that will be difficult to hack. 1Password, LastPass, and Bitwarden are good choices to store, organize, and maintain your logins.
Stop Using the Same Password For Everything
Studies show that young people, aged 18-34, are the biggest offenders of this and consequently the most hacked users online. Forty-two percent of people in this age group have been hacked in the last year. The important thing to know about using the same credentials for all accounts is that once a hacker has discovered this, they can access all of your accounts unabated. This could spell ruin for a business, or, at the very least, lots of time and effort to correct the issue.
Avoid Personal Information
Using techniques like social engineering, a hacker can easily ascertain your most guessable passwords, including anything having to do with your pets, surname, college, favorite sports team, address, your nickname, children’s names, and/or spouse's name. It can be easy for a cybercriminal to find and exploit that type of info with relatively little effort compared to using a stronger password.
Use 2FA or Multi-factor Authentication
Technically, Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) does not necessarily make your individual passwords stronger, but it does help secure your accounts when paired with one. For instance, say a hacker gets hold of your password: with 2FA or MFA they would still need an additional code from the primary user to get in. Assuming you do not blindly approve codes, you would still be able to stop the hacking in progress by not approving the second code.
Train Your Employees
Your employees are on the frontline of security for your organization. Your company is only as protected as your weakest link. Therefore, it is critical that you train and retrain your employees regularly about the importance of keeping strong passwords.
2 Main Methods of Password Infiltration
We know this is a lot of information coming at you all at once. Hopefully, none of it is new, but rather a good reminder of security best practices for your personal and professional life. If you’re still wondering what the big deal is with using a weak login or using the same login over and over again, let’s take one last look at the two main methods used to gain access to your accounts and steal your login information.
A fairly common way for hackers to access passwords is by brute-forcing or cracking passwords. These methods use software or a host of automated tools to generate billions of passwords and try each one of them to access the user’s account and data until the right password is discovered. A computer program can try all combinations of letters, numbers, and special symbols according to the password rules until it finds the one that works. Then your data, no matter how important you deem it to be, can be accessed and used in malicious ways.
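To see why length and character variety matter against the exhaustive search described above, and what a strength meter like the ones mentioned earlier is estimating, here is a small added example (not part of the original article or any tool it names). The guessing speed is an assumption, and the sample passwords are constructed.

```python
import math
import string

# Common passwords named in the article above.
COMMON_PASSWORDS = {"123456", "picture1", "password", "111111",
                    "123123", "qwerty", "test1", "abc123"}

# Assumption: offline guessing speed in guesses per second. Real speeds depend
# on how the site stores passwords and on the attacker's hardware.
ASSUMED_GUESSES_PER_SECOND = 1e10

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def pool_size(password):
    """Number of symbols an exhaustive search must cover per position."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside the four ASCII classes (spaces, accents, emoji):
    # count each distinct one, a conservative lower bound.
    size += len({c for c in password if not any(c in cls for cls in CLASSES)})
    return size


def assess(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Return keyspace, bits and worst-case search time for one password."""
    if password.lower() in COMMON_PASSWORDS:
        # A guessing list tries these first; length and symbols do not matter.
        return {"common": True, "keyspace": 1, "bits": 0.0,
                "worst_case_seconds": 0.0}
    keyspace = pool_size(password) ** len(password)
    return {"common": False, "keyspace": keyspace,
            "bits": math.log2(keyspace), "worst_case_seconds": keyspace / rate}


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for sample in ("qwerty", "abcdefgh", "Abcdefg1", "Abcdefg1!xyz",
                   "x7#Lq9!vRt2$Mz"):
        r = assess(sample)
        print(f"{sample!r:18} common={r['common']!s:5} bits={r['bits']:6.1f} "
              f"worst case={r['worst_case_seconds']:.3g} s")
```

The worst-case figure is an upper bound on the attacker's effort: a password built from a dictionary word or a name falls much sooner than the raw keyspace suggests, which is why the common-list check comes first.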
One of the easiest ways a hacker can gain access to your password is via a phishing scam. Rather than use a program to gain access, in this method users often accidentally give private information to the hackers without knowing its ultimate malicious use. During a phishing scam, a user is tricked into giving access by typing their password(s) into malicious websites that request the information. Those sites are, unfortunately, controlled by the hacker, who has just easily gotten your password!
A Final Word…
We have been talking about the importance of safeguarding business and personal passwords for years. The results of hacking can be devastating for individuals and can be business-ending for some companies depending upon the damage done and the reputation that may be left in tatters. Maintaining a secure password practice is actually a fairly simple process. Choose wisely and if you need assistance, a password manager can be your best friend in remembering and maintaining the security of these credentials. For more assistance in shoring up your online security for your accounts, talk to our team here at Spectra Networks and we can assess your level of need as well as make recommendations on how to improve your security.