What is a strong password?

Passwords provide the first line of defence against unauthorised access to your organization.

Reports of website breaches and leaks of customer data become more common every day. Attacks are often indirect: the attacker cracks a weaker system to get into another, normally more secure, subsystem. The role that passwords play in securing an organization's network, both internal and external, is often underestimated and overlooked.

Convenience as the Enemy of Security
Even with a complex, easy-to-remember passphrase, we sometimes get tired of typing it in, especially for accounts we need to access regularly. In these cases, many people will opt to allow their browser to save their passwords for specific websites.

The problem with this is two-fold.
Firstly, if someone is able to open your browser, revealing all of your saved passwords takes only three mouse clicks. Some browsers sync your account information across all the devices you use (including auto-filling your passwords…), so gaining access to your browser on one system could potentially give someone access to ALL devices you have synced to that account.

Secondly, we need to use passwords in so many different places that most people end up using the same password for multiple accounts. So even if you only allow the browser to store one of your passwords, chances are pretty good that you’ve used the same password for at least three other accounts.

Try to use a different password for each of your important accounts, such as your email, SQL database, root and administrator passwords, and even the ones for your online banking accounts. Re-using passwords is risky. If someone figures out your password for one account, that person could potentially gain access to your email systems, admin accounts and much more.

Weak passwords provide attackers with easy access to your computers and network, while strong passwords are considerably harder to crack, even with the password-cracking software that is available today. Password-cracking tools continue to improve, and the computers that are used to crack passwords are more powerful than ever. 

Common methods of password cracking

Password-cracking software uses one of three approaches:
  • Intelligent guessing
  • Dictionary attacks
  • Brute-force automated attacks that try every possible combination of characters

Given enough time, the automated method can crack any password. However, strong passwords are much harder to crack than weak passwords. A secure computer has strong passwords for all user accounts.

A Weak Password:
  • Is no password at all
  • Contains your user name, real name, or company name
  • Contains a complete dictionary word. For example, Password is a weak password.
A Strong Password:
  • Is at least eight characters long
  • Does not contain your user name, real name, or company name
  • Does not contain a complete dictionary word
  • Is significantly different from previous passwords. Passwords that increment (Password 1, Password 2, Password 3 ...) are not strong

Using numbers, symbols and a mix of upper and lower case letters in your password makes it harder for someone to guess. For example, an eight-character password with numbers, symbols and mixed-case letters is harder to guess because it has 30,000 times as many possible combinations as an eight-character password with only lower case letters.

A strong password also contains characters from each of the following four groups:

  • Upper case letters: A, B, C …
  • Lower case letters: a, b, c …
  • Numerals: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
  • Symbols: ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | \ : " ; ' < > ? , . /
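
The weak and strong password rules and the four character groups above can be turned into an automated check. The following Python is an added example, not part of the original article; the function names, the small word list and the four-letter minimum for dictionary matches are assumptions made for illustration.

```python
import re
import string

# Symbols exactly as listed in the article's fourth character group.
SYMBOLS = set("`~!@#$%^&*()_+-={}|\\:\";'<>?,./")

# Tiny constructed word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "welcome", "dragon", "monkey", "summer"}


def check_password(password, identity=(), previous=(), words=SAMPLE_WORDS):
    """Return the list of article rules that `password` breaks (empty = strong)."""
    problems = []
    lowered = password.lower()
    if len(password) < 8:
        problems.append("shorter than eight characters")
    # User name, real name or company name must not appear inside the password.
    if any(name and name.lower() in lowered for name in identity):
        problems.append("contains user, real or company name")
    # Assumption: words under four letters are skipped to avoid trivial matches.
    if any(len(w) >= 4 and w in lowered for w in words):
        problems.append("contains a complete dictionary word")
    # Incrementing passwords (Password 1, Password 2 ...) differ only in digits.
    base = re.sub(r"\d+", "", lowered)
    if any(re.sub(r"\d+", "", old.lower()) == base for old in previous):
        problems.append("only increments a previous password")
    groups = {
        "upper case letter": string.ascii_uppercase,
        "lower case letter": string.ascii_lowercase,
        "numeral": string.digits,
        "symbol": SYMBOLS,
    }
    for label, chars in groups.items():
        if not any(c in chars for c in password):
            problems.append("missing " + label)
    return problems


def search_space_ratio(length=8):
    """How many times larger the four-group search space is than lower case only."""
    full = 26 + 26 + 10 + len(SYMBOLS)
    return (full / 26) ** length
```

With the 30 symbols listed above, `search_space_ratio()` returns roughly 24,600, the same order of magnitude as the article's figure of 30,000.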


Add an extra layer of security

Once you’ve created a password, you can add an extra layer of security by enabling 2-Step Verification. 2-Step Verification requires you to have access to your phone, as well as your username and password, when you sign in to your Google Account. This means that if someone steals or guesses your password, they still can't sign in to your account because they don't have your phone. Now you can protect yourself with something you know (your password) and something you have (your phone).

Keep your passwords secure

Don't leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. If you decide to save your passwords in a file on your computer, then using a trusted password manager may be a good solution.

Having a secure password is good practice to follow, and can save you time, money, data and maybe even your life.

on Saturday July 14 by Peter Atkin