The brute force attack
Credential stuffing
Password spraying
The dictionary attack
Phishing
Strong password tips
Don’t be silly
Mix it up
Don’t follow the keyboard
Don’t substitute
Don’t use the same one elsewhere
Make it a long password
Activate two-factor authentication
Use nonsense words
Change your passwords regularly
Use a password manager
How to create a strong password (and remember it)
Posted August 21st, 2020 by SimpliSafe
It’s the top piece of advice given when it comes to cyber security, but what does creating a strong password actually mean? And, perhaps most importantly, how do you go about remembering it?
Whether it’s your email password, your online banking, the account that controls your wireless home security system, or your favourite clothing shop, it’s important that your passwords are protected. Not only could it mean that you are locked out of the account if one is compromised, but someone could have access to your financial information and money, so let’s take a look at how to create a strong password.
How are passwords hacked?
Hackers and criminals can use one of several methods to try and break your password. Here are a select few:
This involves hackers throwing as many passwords as possible at your account until they land on yours. Of course, this isn’t done manually. Automated software will try as many combinations as quickly as possible
Sites that have poor security are unfortunately easy targets, and thieves regularly hack these sites to sell the data on dark web forums. Because many people use the same password across multiple sites, credential stuffing - also known as list cleaning - tests the stolen credentials against other accounts to gain quick and easy access
This technique works by trialling commonly used (and weak) passwords against a user’s account. Some of these common passwords can include password123, 1234567, etc.
Similar to the brute force attack, which tries combinations of letters, numbers and symbols, the dictionary technique involves attacking your account with a dictionary using a prearranged list of words
You’ll likely know all about phishing email scams, which involves criminals tricking, pressuring or intimidating people into giving over their card details or password by pretending to be an authentic website where your account needs urgent attention
Now that you know a few ways that passwords can be cracked, you can work backwards to outsmart these attacks, while also remaining vigilant of phishing emails that land in your account. Let’s take a look at a few of the ways you can create a strong password for each of your accounts.
Unfortunately many people still rely on easy to remember, and therefore easy to hack, passwords such as ‘password’, 1234567 or qwerty. Never use sequential letters or numbers, and don’t use a password that contains any personal information such as your name or date of birth as hackers can get around these in no time
Alternate between upper and lowercase letters and symbols and numbers. The more potent and varied it is, the harder it is to crack when attacked with brute force
We understand it’s easy and makes for quicker logins if you follow a path on the keyboard - like qwerty - but this puts you particularly at risk
While you may think that substituting a zero for the letter ‘o’ or a ‘5’ for an ‘s’ is a clever trick, unfortunately these can be cracked just as easily as the letters themselves. Try random symbols for extra security
It’s something we’ve all been guilty of, but if you use the same password for multiple websites then you’re running the risk of them all becoming compromised if one of them gets leaked
How to make your password stronger than ever
Passwords that are between nine and 12 characters are vulnerable to easy hacking. Ideally you want your password to be no shorter than 15 characters
This involves having a secondary login method in addition to your password, such as a fingerprint on your phone or having a temporary passcode sent to your phone number. Many apps - including the SimpliSafe app! - has the option to activate this. For more information, check out our guide to two-factor authentication
Single words can easily be cracked thanks to the dictionary methods. Two word passwords are also easy. But passwords that are made up of multiple nonsense words are trickier to get past
By changing your passwords on a regular basis, you are ensuring that even if your accounts are compromised, that the information criminals have quickly becomes defunct. We’d recommend a change every three to six months
These automatically generate and store your passwords all in one safe place. All those passwords will then be kept in an encrypted location that can only be accessed using your master password
Passwords are a part of life that we have come to get used to, and they aren’t going away any time soon. Keeping your accounts secure doesn’t have to be difficult or time-consuming. You could even set a reminder on your calendar to change your passwords every few months, and then save them into your password manager, that way most of the hard work (the remembering) is done for you.