The importance of personal online protection against hackers and intruders, particularly in today’s global environment, cannot be overstated. This is true for students, faculty, staff, and parents alike. Everyone needs to be vigilant about protecting their online accounts with strong passwords. This is not only true of our e-mail accounts, but all online accounts. Many of us have social media accounts, access to our credit cards from the web, as well as our bank and brokerage accounts.
If any of your online passwords are: 123456, password, rockyou, princess, or abc123, congratulations, you have one of the top 10 most common (and easily cracked) passwords, according to a study done by security researchers at Imperva.
What should you do? Here are a few ways that you can stay safe online:
· Make your password at least 12-15 characters in length
The longer the password the less likely it is to be cracked. You may think it’s a person trying to crack your password. It’s not. It’s a computer doing millions of calculations a second. Computers don’t tire, and they don’t give up. The longer and more complex your password, the longer it will take an automated tool to test all the possible combinations to find a match.
· Use at least 2 upper-case letters, 2 lower-case letters, 2 numbers, and 2 special characters
If your password is only made up of lower-case alphabet letters, then you have just reduced the number of possible choices of each character to 26. Even a fairly long password made up only letters can be cracked quickly. To protect yourself, use a variety and use at least 2 of each type of character. The longer, the more complex, the less likely your password is to be compromised.
Consider this: It is reported that adding just two numbers to your password may increase the time it takes to crack your password from a few minutes to a few years.
· Make the password as random as possible, avoiding whole words
Many automated cracking tools first use what is called a "dictionary attack". The tool takes a specially made password dictionary file and tests it against your password. For instance, the tool will try "password1, password2, PASSWORD1, PASSWORD2" and all other variations that would be most commonly used. There is a high likelihood that someone used one of these simple passwords and the tool will quickly find a match using the dictionary method.
Tip: Avoid using personal information as part of your password. Don't use your initials, birth date, your kid's names, your pet's names, or anything else that could be gleaned from your Facebook profile or other public sources of information about you.
Test Your Passwords Now
It's important to know if your password is relatively safe. To do this, go to www.howsecureismypassword.net and start typing. As you type, the indicator will update after every character to tell you, approximately, how long a desktop PC would typically take to crack it.
The key to strong password construction comes down to a combination of length, complexity, and randomness. If you follow these basic principles, then you are taking the steps necessary to protect yourself and your privacy.