For years, recommendations have been to use passwords that look like a real mess and are impossible to remember, but even from various standards and technology institutes now say that it has not been so effective at all. Of course, you should not use words like passwords or your name and date of birth for a password, but they should be logical and easy to remember. No matter what the password, it should be able to withstand 100 guessing attempts, meaning it should not be associated with any publicly available information about you or your family members.
Hackers, when targeting you, will often use publicly available information about you (from various social networks) to try to create a list of possible passwords and very often be successful in doing so. Instead of some secret code, a strong password should be a phrase you will easily remember but also hard to guess. It might be some important quote you don’t share with others, or you can use a phrase using things you loved as a kid type. These can be things that only someone you grew up with could know, and you probably don’t share them anywhere in public. Use a long password. We used to try to come up with an eight-character password, but now we are advised not to save space. The higher the number of characters, the harder it is to crack the password.
Recently, it has been advised that passwords are changed every three months, however, this has motivated people only to replace the number at the end of the password. A long and strong password does not require frequent change unless the service you are using was the target of the attack. The password should be unique, but no one says it must be so complicated that you will forget it in two days. A good sentence, rhyme or something that comes to mind is good advice. You can further complicate your long and creative password with special characters. So you can insert an exclamation point instead of number 1 or number three instead of E, and you can start each word with a capital letter. You can make it difficult for hackers to work with an extra layer of security. If they do manage to crack your password, it will be much harder to break into the next level of security where you will receive a code in an email, SMS or a special application so they can log in to that profile. That is, it is an additional measure to prove that you are you.
The first recommendation you’ll hear from security people is to never, but never, use the same passwords for everything you need. Another recommendation is to never, again and again, use personal names, birth dates, pet name or anything that may be associated with you. The third recommendation is to avoid words that are in the vocabularies for your password. The fourth recommendation is to change your passwords periodically, and the fifth recommendation is to make sure you have a password provided by an administrator account on your computer, whatever you think of this recommendation.
Another recommendation for IT coordinators is that you are often in a seminar, on your way, or God forbid. While you are away if something unforeseen happens to your network or computers, server or router, someone will jump in to help, but when you don’t know your passwords. So it’s a good idea to write them all down and put them in an envelope, paste it and hand it to, say, the director who will store the envelope in a safe, he will be the only one authorized to open the envelope if necessary. If this happens, set new passwords and save them again in the safe.
The average internet user has more than 10 different accounts (depending on the research, the average number ranges from 17 to 27. That number of correct codes is not easy to remember, and it can be especially difficult to remember which code is which account. To make it easier for the average user life, there are password managers in the cyber world. One of the better examples of a good password manager is Keeper Password Manager & Digital Vault. It provides you with dark web protection, encrypted chat services and comes in a variety of extensions, like browser, web, and even a mobile phone app. To find more details about it, visit this page. More importantly, some are open source. Code managers will generate a random code/phrase of the desired length and security for your account, store it in an encrypted database with other accounts. The base of all your accounts is encrypted with one code that you need to remember. The advantage of code managers is that you remember one code instead of each account separately. There are also group code managers. that you will not give to everyone.
There are also network code managers that synchronize the encrypted code base with some network servers. That way, if you lose your device where you kept your passwords, you can still access your passwords stored on the server. Redundancy of all your codes is really necessary, especially if you are not good at memorizing codes. This can still pose a risk to the security of your passwords, because in addition to the security of your device, how important it is to communicate with the server, the security of the server itself, and the strength of the encryption you used to encrypt the password base before sending it to the server.
When we think about the privacy of our data, the first thing that comes to our mind should be a code. Why? Because essentially classical symmetric encryption comes down to a code that the user enters and the data to which that code is applied using a certain algorithm a finite number of times. Let’s look at where we all rely on codes today to protect ourselves from attackers and to protect our privacy. How you generate and where to store your codes is definitely up to you. Using secure passwords is not difficult, and programs such as password managers make it as easy as possible. It certainly pays to do a little work on your passwords, not because we are hiding something, but not to get a headache when a hacker breaks a secret code.
