Why you need a better password

June 29, 2020

By Kirsten Queen

From your banking app, to your Facebook page, to your work computer logins, you need a password for nearly everything in this digital age. It can be hard to keep so many passwords straight, which is why many people opt for simple, easy-to-remember ones. Simple passwords might make it easier to log in day-to-day, but they could be setting you up for problems in the future. Keeping your information safe online often starts with setting a secure password. 

Is your password easy to hack?

According to SplashData, the most common password used in 2019 (and 2018, for the record) is 123456. SplashData estimates that about 3% of people use that as a password. Other common passwords include:

  • 123456789
  • qwerty
  • password
  • 1234567
  • 12345678
  • 12345
  • iloveyou
  • 11111
  • 123123

Using one of these easy-to-guess passwords is like leaving your front door unlocked for anyone to come in. About 16% of password hacking attempts come from password spraying, in which attackers try logging in with that list of the most common passwords. Criminals can use your data for a variety of purposes online, including accessing your financial information. They might even pretend to be you online by sending emails from your address or creating social media accounts using your profile information.

How passwords get cracked

Wherever you have an account, a database stores your login information. To keep passwords safe, these systems “hash” the password, scrambling it so it isn’t stored in readable form. The database keeps the resulting hash value rather than the password itself, which makes it difficult to decode.

Data breaches, which are all too common, often include hashed passwords, and hackers have a variety of creative methods to crack passwords. For example, a rainbow table is a database that stores common plaintext passwords alongside their corresponding hash values, making it easier for hackers to decode a hashed password. Hackers also use brute force attacks, which guess every possible combination of letters, numbers, and symbols in a password, and they maintain lists of commonly used passwords, like 123456, to break into accounts.
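As an added example (not part of the original article), this Python sketch shows why a precomputed table works against fast, unsalted hashes, and why a per-user salt combined with a slow key-derivation function defeats it. The user names, the choice of SHA-256 and PBKDF2, and the round count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# The common passwords listed earlier in this article.
COMMON = ["123456", "123456789", "qwerty", "password", "1234567",
          "12345678", "12345", "iloveyou", "11111", "123123"]
ROUNDS = 200_000  # assumed work factor; tune to your own hardware

def unsalted_hash(password):
    """Fast, unsalted SHA-256: the weak storage scheme, shown for comparison."""
    return hashlib.sha256(password.encode()).hexdigest()

def build_lookup(passwords):
    """Precomputed hash -> plaintext table (the idea the article describes)."""
    return {unsalted_hash(p): p for p in passwords}

def salted_hash(password, salt=None):
    """Random per-user salt plus a deliberately slow KDF (PBKDF2)."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def verify(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return hmac.compare_digest(candidate, digest)

def demo():
    table = build_lookup(COMMON)
    # Constructed "breached" records: two users who both chose "qwerty".
    leaked = {"alice": unsalted_hash("qwerty"), "bob": unsalted_hash("qwerty")}
    salt_a, hash_a = salted_hash("qwerty")
    salt_b, hash_b = salted_hash("qwerty")
    return {
        # Unsalted: one dictionary lookup per record recovers the password.
        "recovered": {user: table.get(h) for user, h in leaked.items()},
        "same_unsalted": leaked["alice"] == leaked["bob"],
        # Salted: identical passwords store differently, so no shared table
        # applies. A weak password can still be guessed, one slow try per user.
        "same_salted": hash_a == hash_b,
        "table_hit_on_salted": hash_a.hex() in table,
        "login_ok": verify("qwerty", salt_a, hash_a),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```
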

Cyber security is more important than ever and setting crack-proof passwords is a key part of protecting yourself from identity theft or fraud. Keep your personal data safe from hackers with these tips for making a strong password. 

Tips for creating better passwords

It’s time to leave simplicity behind. If you’re concerned about remembering a long list of complex passwords, don’t worry. We will get to that in a moment when we talk about password managers. Let’s go over some password dos and don’ts first. 

Password 'Don'ts'

  • Don’t use common words, especially your personal information or any word you can find in the dictionary.
  • Don’t use the same password in multiple places. If someone hacks your password on one site, your other accounts that use that same password become compromised.
  • Avoid common keyboard patterns like “qwerty” or “asdfg.”
  • Don’t recycle previously used passwords when you update your password. 

Password 'Do's'

  • The best passwords are at least 8 characters and include a mix of uppercase and lowercase letters, numbers, and special characters (!@#$&^%). The tougher the password, the longer it will take a brute force attack to guess your password.
  • Create a mnemonic device to remember your passwords. Your bank password could use a dollar sign and emoticons based on how you feel about it. Something like “RoLL!nG$inIT;)” is secure and can be remembered without too much hassle. Notice that this password isn’t actually a dictionary word, which makes it more difficult to hack.
  • Change your passwords often, at least every 90 days. If you are likely to forget, just set a reminder in your calendar or phone.
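As an added example (not part of the original article), this Python sketch checks a password against the rules in the two lists above and estimates how large a brute force search would be. The function names are hypothetical, and the bit estimate is an upper bound that assumes every character was chosen at random.

```python
import math
import string

# Common passwords and keyboard patterns named in this article.
COMMON = {"123456", "123456789", "qwerty", "password", "1234567",
          "12345678", "12345", "iloveyou", "11111", "123123"}
KEYBOARD_RUNS = ("qwerty", "asdfg")
CLASSES = {
    "lowercase letter": string.ascii_lowercase,
    "uppercase letter": string.ascii_uppercase,
    "digit": string.digits,
    "special character": string.punctuation,
}

def check(pw):
    """Return the rules the password breaks (an empty list means it passes)."""
    low = pw.lower()
    problems = []
    if low in COMMON:
        problems.append("on the common-password list")
    if any(run in low for run in KEYBOARD_RUNS):
        problems.append("contains a keyboard pattern")
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in pw):
            problems.append("no " + name)
    return problems

def charset_size(pw):
    """Size of the alphabet a brute force attack must cover for this password."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in pw))

def brute_force_bits(pw):
    """log2 of the search space, length * log2(alphabet). Upper bound only:
    dictionary words and patterns are guessed far sooner than this suggests."""
    size = charset_size(pw)
    return len(pw) * math.log2(size) if size else 0.0

if __name__ == "__main__":
    for sample in ("12345", "qwerty", "h71[{!0~I3KI1>V"):
        print(sample, round(brute_force_bits(sample), 1), check(sample))
```

Each extra bit doubles the number of guesses a brute force attack needs, which is why length and character variety both matter.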

Password managers

So, you’ve created a super-strong password like “h71[{!0~I3KI1>V”—great! It’s very secure, but also difficult to remember. It gets even harder if you created one like this for every single site and app where you log in. That’s where a password manager comes in.

Password managers encrypt and securely store passwords for every account you need to log in to. Some even generate secure passwords for you to save you the trouble of thinking of a good one every 90 days. To use a password manager, you’ll only have to remember one master password. When you go to log into your accounts, the password manager autofills your login information so you don’t have to remember any complex passwords. Some password managers can even store your credit card information, making it easy to shop online.

Keeping your passwords secure

Even with a password manager and secure passwords, you should take some additional steps to ensure your accounts remain safe and secure:

  • Turn on two-factor authentication for your important services to add another layer of security. Two-factor authentication requires extra verification besides a username and password, such as a secure code sent to you by text message or email.
  • Be wary of other attempts to gain your information, like phishing or social engineering.
  • Always log out of accounts if you use a shared computer and avoid logging into important accounts when you’re on a public or shared WiFi connection.
  • Make sure no one is watching over your shoulder as you enter your passwords. 

Final words

The internet is a powerful tool that helps us all stay connected, do business and entertain ourselves. But like any tool, it can also be used to do harm. That’s why it’s important to stay educated and informed about how to keep yourself safe in online spaces. If you haven’t already updated your passwords to maximize your security, there’s no better time than now. 


This blog is provided for informational purposes only and may require additional research and substantiation by the end user. In addition, the information is provided "as is" without any warranty or condition of any kind, either express or implied. Use of this information is at the end user's own risk. CenturyLink does not warrant that the information will meet the end user's requirements or that the implementation or usage of this information will result in the desired outcome of the end user.

 
