Is it any surprise that most people create horribly easy passwords to crack or guess? Or that most of us use the same password for many important accounts like our email, banking, credit cards, and social media? Criminals depend on this fact! That's why they try so hard to phish for passwords at social networking sites or through bogus emails pretending to be everything from Amazon notices to Apple ID resets to banking notifications. They hope that those captured or decrypted passwords, along with account holder's names, will get them into lots of financial accounts or, at the very least, into email accounts. People don't realize that their email accounts typically represent the center of their digital universe. Afterall, if you "forget a password" you can have an email sent to you so you can reset it. Therefore email accounts are extremely valuable to criminals.
Our collective lame approach to creating passwords has got to stop! It is time to do something about this! We know you can do better and we're here to help! Creating multiple strong passwords is not difficult. Take this set of examples. Using HowSecureIsMyPassword.net and Kaspersky Secure Password Checker, look at how long it takes for today's password crackers to figure out passwords on the following list:
Password Sample: Evaluation:
crispy Hacked instantly
crispybacon Hacked in less than a day
crispybacon12 Hacked in 7 months
crispy=bacon12 Requires about 400 years to crack
(crispY)=Bacon12 Requires more than 1700 centuries to crack!
PASSWORDS SHOULD CONTAIN:
Random use of letters, numbers
Non-letter, non-number characters such as = or ! or $ or )
Mix of UPPER and lower case
At least 10 characters long! (Two years ago we said 8 but faster computers and better password crackers now make these shorter passwords less secure.)
TIPS AND TRICKS TO CREATE SETS OF STRONG PASSWORDS FOR MULTIPLE ACCOUNTS:
a) Begin with simple phrases and then modify them but make sure they are at least 10 characters long. For example...
"Make it better" becomes "mak1TB3tr!="
"I love Spring" becomes "11UV$pr!ng!"
"Scammers suck!" becomes "$C@mm3r$=$uck!"
b) Create an acronym from song lyrics and then modify it. For example...
"When I get older, losing my hair" From the Beatles song released in 1967 becomes "w1GO1mh=1967"
"I got this feeling inside my bones" from Justin Timberlake's song Can't Stop This Feeling, released in 2016, becomes "JT16=!gtf!MB"
c) Make up a word and modify it: "flomacious" becomes "f10MAc10U$" And the capital MA is easy to remember if you live in Massachusetts. Kids are especially great at doing this! But if you are not, you can use a fake word generator to help you such as Wordoid or WordGenerator
Never use real words in your passwords, no matter what language or even backwards, because they are easier to crack by simple dictionary attacks.
d) For your different accounts, add a letter or 2 that relates to your account.
"bk" for bank, "MU" for mutual fund, "fb" for Facebook, "ig" for Instagrametc. Use a "+" or "=" symbol to connect them. Or put your base-password in parentheses, for example:
A final note... If your family members do not use passcodes to protect their smartphones, they are making a HUGE mistake! A stolen or lost phone can mean significant losses and anxiety. Insist that they both protect their smartphones with a passcode AND not share that passcode with anyone outside of your immediate family. Teens are especially vulnerable to pranks because all their friends may know their passcode.
ARTICLES RELATED TO PASSWORDS AND PASSCODES:
Estimating Password Cracking Times from BetterBuys.com
How Long It Takes to Break a Passcode from Fortune.com
How long would it take to crack your password? From the folks at Sophos.com
Busting Password Myths [podcast]