The magic word
A password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource, which is to be kept secret from those not allowed access.(source: Wiki.org)
That would be a scientific description of a password, but where do we interact with passwords? You use them when unlocking a password doors, to pass a guard, to log on to your computer or smartphone. All of those are passwords, some use it every day and some rarely. In today’s modern society where technology is becoming our identity we need passwords to protect what is “private” but the problem is that every system needs a password, in most cases different one.
First of all we need to think of all those different password because if you use just one for all systems you are probably going to get hacked. After we think of a password we need to remember it, not wright it down into our notebook but memorize it.
In many cases business passwords need to be random and need to change every 4 to 6 weeks, it is just one more challenge. In this case first problem is being random, people usually lack such ability because we all use words that we encounter every day. We use names of children, friends, car brands or simply a word “Password” which is one of most common words used when it comes to passwords.
To overcome that problem we have applications that generate completely random passwords for us to use, those passwords are usually much stronger than those we think of. The main parts of strong password is:
· Special signs
· Caps letters
· Numbers
If you combine those in a completely random order you can get a strong password. But then how to remember such passwords because many of them are going to look like this: “45aHj!!bl2N”, could you remember that password or let’s say 10 of those?
You can’t and that is the reason today’s market is finding more and more ways to give you an opportunity to store your passwords on to one application. For instance internet browser companies such as Mozilla, Chrome and etc. have noticed that people have too many passwords that they keep forgetting and offered them a “safe” way to store passwords in the browser safely.
After they have been stored on to the browser they are being encrypted so that they cannot be stolen or hacked.
When it comes to hacking all you need to know is that there is only a few passwords that cannot be hacked and yours is probably not one of those. Hacking a password can be used in many cases, some good some bad. For instance some companies check the strength of passwords that their employees use by hacking them on a weekly basis, or they try to hack the main system password to determine how strong it is.
On the other hand, there are those that hack passwords just for the fun of it all and there are those (most common) that hack passwords to ask for ransom money or to cause financial harm. They use many techniques such as:
· Smart guesses — the easiest method, simply try to guess if you know the person using it
· Dictionary attacks — usually offline attacks against a password, but can be used online — it simply uses all the words from the dictionary trying to find the correct one
· Brute-Force attacks — a more complete method of dictionary attacks — involves trying millions of combinations with every letter and punctuation
· Rainbow tables — offline attacks used for hashing millions of passwords
· Social engineering — Hackers pose as a help desk or something similar and simply ask for your password — this method still works
In many cases if you notice your password has been stolen you can simply create a new one, but what happens when you simply don’t know you have been hacked? Just think of how many personal information, how many documents, pictures or financial info you have online protected by passwords? Do you really believe in their strength so much?
After a brief period of panic you can relax because there is always time to fix it all and to change the strength of those passwords. First of all you should check where you use passwords online simply by getting to websites like: https://haveibeenpwned.com/ and writing your email address. You can then see all systems you used and that got hacked, pick those services and create a new password for each one of them. For creating a strong password simply use a password generator and then store those passwords into password vault applications.
That would be the most safest way of creating and keeping a password because it is not connected to you or some word from the dictionary and it is not in your memory but in a application that is keeping it safe. Those vault applications use one master password which reveals all others that you have, so the master password needs to be very strong or you are risking it all.
Just for the end, keep in mind that every password is a target online, so use them with care, don’t use the same password on different places because sometimes, online, you come across infected systems that simply duplicate your password. After that every system you use with same password is compromised. Be smart, don’t let anyone mess around with your digital identity and cause you troubles you don’t need.
