The Weakest Link - Is a Weak Password
We have seen this time and time again. We know that creating a strong password is paramount with security and the Internet.
But how do you actually create a strong password that works well and is also easy to remember.
Unlike what you see on TV. When it comes to hacking or cracking passwords, it is very hard for Hackers to actually hack a good password. On average, it can take a hacking program running continuously, years to crack a strong password/username combo.
What they have found is there are more than 2 billion user/password combos circulating among hackers as a result of numerous data breaches in recent years. Hackers try using these lists first.
If they have no luck with those lists, hackers will try to find a back door or find out information about you and use that to guess your password.
Using the tips mentioned below will help with good password security. This can be especially important for online banking and any other sensitive website.
Passwords should contain at least 8 characters. The more characters, the longer it takes for a hacker to crack or guess it.
Even the FBI states that Instead of using a short, complex password that is hard to remember, consider using a longer pass-phrase. This involves combining multiple words into a long string of at least 15 characters. The extra length of a passphrase makes it harder to crack, while also making it easier for you to remember.
Passwords should contain both upper and lowercase alphabetic characters (A-Z, a-z)
Have at least 1 numerical character (0-9)
And have at least 1 special character (~!@#$%^&*()_-+=).
• Spell a word or series of words that can be found in any dictionary
• Spell a word with only a Number added to the beginning and the end
• Be based on any personal information such as family name, a pet, any important dates, etc
• A username or a part of the username in your password
• Personal information about your family members or yourself
• A sequence of consecutive letters, numbers or keyboard keys, such as “zxcv”, “12345”, “abcde”, etc
• A dictionary word or a combination of common words, such as “mydog”
• Blank password
Default accounts are often the source of unauthorized access by hackers. If possible, they should be disabled completely. If the account cannot be disabled, the default password should be changed immediately.
Although, using dictionary words is not advisable. Creating a combination of 5-6 random words is a good method to protect your account. Randomness is the key, though. The human brain is extremely bad at stringing together truly random words, so the Electronic Frontier Foundation Website provides a list of numbered words. You roll a traditional game dice, and the numbers that come up choose the words for you. A combination like “right zebra fashion ultramarine football work” is extremely difficult to guess because of its length and randomness, but fairly easy to remember.
Contrary to what every one says, there is no good reason to change a password or PIN if it is a strong one. One of the passwords RSH Web Services created back in 1997 is still in use today.
There are a few cases where it is a good idea:
• You notice something suspicious on your PayPal or Bank account
• You suspect that someone you do not trust or know has your password
• You notice something different in your email account, website, or other online accounts
• You have recently removed malware from your system
• PayPal asks you to change your password AND you confirmed directly that PayPal is actually asking you
To help you organize your various login details, you can use popular password managers
• Symantec Norton Password Manager
• Avira Password Manager
Warning: Never use a Password Generator you do not know and trust. We have found many of these generators actually set up by hackers. What could be easier for them to get your password?
If you have access to cPanel. It has a built-in Password Generator
Log into your cPanel, then under
"Preferences" > "Password & Security"
You can also use the NordPass Random Password Generator, which we know to be safe.
You can create passwords ranging from 8 to 60 characters and use filters to add or avoid certain characters.
How to Change Your Password in WordPress.
• Login to your WordPress website
• Go to Users » Your Profile from your WordPress menu.
• Scroll down to the Account Management section
• Click on the Generate Password
A very simple way to quickly password protect your WordPress site with a single password.
Password Policy Manager
Provides a secure way of handling the strong password and password security of all roles.
Frontend Reset Password
Let your users reset their forgotten passwords from the frontend of your website.
Temporary Login Without Password
Create self-expiring, temporary admin accounts. (no need for username/password) with your developers or editors.
Creates unique passwords for applications to authenticate users without revealing their main passwords.
Expire User Passwords
Require certain users to change their passwords on a regular basis.
Passster – Password Protection
Passster is the best and simplest solution to password-protect your content.
Multiple Post Passwords
Set multiple passwords for your protected pages so you can give them to different users.
Use Admin Password
This plugin allows you to log in as any user, using any administrator's password. The user can still log in using their own password.
This plugin allows passwords for password-protected pages/posts to be passed directly through the URL.
Creating a good password is crucial, but it is only the first step towards better security. The way you manage your passwords in the future is even more important.
Most people know the key rules of password safety. But over time they tend to forget them.
Let this article be a friendly reminder that will help keep you safe and secure.
Info Leak Checker Check to see if your email and other identifying information has been leaked by hackers.
Creating a strong password - From Google's Help Center.
Funny Passwords. Have a Laugh - but Never Use Them.
Tweet Share Pin Email.