The Anatomy Of A Strong Password: How To Keep Your Online Accounts Secure

Table of contents:

• How do accounts get hacked?
• Create a strong password
• Password management methods 
• Tips on creating a unique password

From a recent report by CERT NZ, an alarming number of cyberattacks had increased in the last year, recording a loss of $17 million to online hacking due to weak and reused passwords across multiple accounts.

Privacy, including online bank accounts, are being compromised and will remain to be so unless Kiwis find a better way to secure their passwords. 

"If someone has been able to log into your accounts without your authorisation, you should change your password straight away, and your passwords should be like snowflakes — unique," CERT NZ Director Rob Pope said.

Because of this, more people are made aware of the circumstances that come with signing up for new accounts. There are smart ways to keep and safeguard your digital identity without confusing one password from the other. 

The solution to safely securing your account is to have an uncrackable password. But before that, let’s read up on some of the ways passwords can be hacked. 

How do accounts get hacked?

It’s easy. Some of these cybercriminals go to the dark web where login credentials are being bought and sold. If you’re using the same password for years, there’s a big chance that your login details are compromised and possibly on the black market list. Of course, there's always the old and effective, or upgraded tactics to force their way into your account.

Brute Force Attack

Take note that these cybercriminals will do whatever it takes to break into your account. It’s their way of stealing one's identity or access, and use that to their advantage. 

One popular tactic is the brute force attack. Here, your attacker will try as many combinations as he can using a GPU cluster. It can crack any code that contains upper and lower case letters, numbers and symbols in a short amount of time. Not only that, this program has the ability to generate 350 billion guesses per second. That’s why it’s advisable that users create not less than 12 characters in their passwords. The longer your password is, the better. 

Credential stuffing 

Credential stuffing is a subset category of brute force attack. When your server is compromised, you and other devices can be easily hacked. Your credentials can be used to open your other online accounts like social media, banking, and so on. Attackers who use this method are hoping to match the same login access used in your other accounts. So, it’s best to use different passwords for different accounts. 

Dictionary attack

Unlike brute force attacks, this method tries a long list of words found in a dictionary in the hopes that words generated can break into another person’s account. It doesn’t matter if you’re bad at remembering passwords, using a one-word code for all of your accounts can get you in trouble. Be sure to change it immediately before anyone else could. 

Phishing

This is a common tactic by hackers these days. What they do is they send you an email indicating that your account has been this and that: “request for account closure,” “login from new device” and etc. It looks legitimate but is a total clickbait. It will direct you to a phoney website that’s designed to make it look like your credit/debit card account. Don’t be tricked by this and hit spam email, or better yet, report straight to customer service. 

How to create a strong password?

We create a password in order to protect our profile and identity. This means that generating a strong password is a must, and it shouldn’t be easy to remember. If you can read your password as is, hackers can do so too with the use of automated tools. It takes more than your birthdate or favourite number when it comes to creating your own password.

A good password is a complex one. It’s nothing less like  “12345password.” You should make your password as unhackable as possible. And the only way to do that is to make it unique.  

Don’t use personal information

We can all agree that at some point, we made our date of birth our password across different accounts. There’s no shame in that but in a time like this where cyberattacks are happening more often, you should consider changing your password as soon as you can. 

Given that birth information is readily available online, it’s convenient for hackers to look it up on Google and use your birth details to log into your accounts. 

Use 20 or more characters

If permitted, you should create a minimum of 20 characters for your password. This will prevent hackers figure out your credentials especially if they’re using a dictionary attack to invade your account. 

Use a combination of characters 

One way to tell that a password is strong is when it has a mix of characters. Use upper and lower case characters with symbols (ex. !*&$) in your passwords to make sure that no hacker can invade your account that easily. 

Avoid common substitutes

Since there are hacking programs and tactics that even an average hacker can use, it’s more convenient for them to guess common substitutes within minutes. If it’s readable, it’s not as strong as you think. 

Don’t use sequential keyboard paths 

This is comparable to using common substitutes except that you can actually guess by simply looking at the keyboard. Avoid doing this if you don’t want other people effortlessly accessing your online accounts. 

You can also follow some of these tips for your account’s security: 

Best password management methods

Use a random password generator 

If you can’t think of any other way to create a strong password, you can use a random generator software like Lastpass random generator. Remember that having a longer password is more difficult to match as compared to a password that has less than 15 characters. These random generators will give an infinitely long character password and that’s okay. You can save this using a password management extension such as Google Password Manager to save and access all of your passwords on your device. 

Google can keep your passwords safe across all of your devices and accounts, which you can choose to automatically save or not. 

Make your passwords safe and secure when you have a fast and reliable internet connection. Use glimp’s comparison tool today to learn more! 

Password reset

Keeping the same password for all of your accounts and devices may be convenient at first. It’s easier that way anyway. But hackers are smart. They can get into any account to the point of buying login credentials to steal information for their own interest.

Experts suggest to never reuse passwords across multiple accounts. This will make your accounts vulnerable to cyberattacks given their identical login details. You can reset your passwords and create a stronger one with the help of a random password generator. 

You can also follow some of these tips for your account’s security: 

Find bizarre words or translate them into another language and mix them with several more words.

Ex. ChampagneBebidaEiffelTower 

Use the Bruce Schneier Method

Think of a random phrase or sentence and use that into a password. Let’s take a Susan Sontag line for example: “Life is a movie; death is a photograph,” and take the first two letters of each word. 

Ex. LiISaMoDeIsAPh

Know which broadband providers are best near you only here at glimp!