To improve user security, ExpressVPN now asks users to create a password that they don’t use elsewhere, and it must contain:
- At least 8 characters
- At least one number
- At least one symbol (e.g., #, {, @, !, ?)
Why you should never use the same password twice
For protection against hacks, it’s important to create a unique password for every account that you open, including ExpressVPN.
There are constant attacks on websites, leading to the frequent theft of user login credentials, and nefarious ne’er-do-wells will target vulnerable sites that lack the same protection as, for example, a bank does.
An attack could be as simple as using a spoof admin email to ask a low-level moderator of a forum page for user emails and passwords. Once a hacker has these details, they will try them on a host of more secure online services.
So even if you have the strongest password in the world, if you use the same one for a kitten pic forum as you do for your bank, you are at risk of a significant hack.
Of course, it would require a Herculean feat of mental strength to remember all those passwords, but you can use a password manager to make life easier.
The importance of strong passwords
ExpressVPN has a ReCaptcha system to thwart logins from non-humans, and we limit the number of login attempts a user can make to prevent a brute force attack, but it’s still important to use a robust password.
A brute force attack is when an attacker will spam passwords in an attempt to guess a login, which is why password length and complexity is incredibly important — just one extra digit increases the time it will take to hack your account exponentially.
For example, a password that contains only 4 letters only has 456,976 combinations, but one with 5 has 11,881,376.
By including numbers and all symbols (96 characters), and with a minimum 8 character password, there are 457,163,239,653,376 possible combinations for ExpressVPN passwords.
Though 8 is the minimum of characters ExpressVPN will accept, the more you use, the more secure your account will be. A 12 digit password has 94¹² (475,920,314,814,253,376,475,136) combinations and would take a computer 7.5 million years to crack at two billion guesses per second.
Protect your online accounts with a strong password
Make your passwords long and complicated and use a password manager to remember them, so you don’t have to.
For some different and, dare we say it, exciting techniques to pick a secure password, check out this guide by Lexie.
Originally published at Home of internet privacy.