Can You Have A Truly Secure Password? Facts And Myths
These days, having a strong and secure password is more important than ever. Passwords protect so many meaningful accounts and files, both personal and business. Because of that, there are many pieces of advice floating around the web on how to choose and protect passwords. But whether all that advice rings true, or is even up to date anymore, is a whole different story.
Don’t follow outdated advice and risk getting accounts hacked or data stolen. Here’s a look at what makes a password more secure and whether having a 100% secure password is even possible.
Why Are Secure Passwords Essential?
Password security has become crucial because of the many data breaches that occur every month. Data breaches ramped up by 54% in 2019, and they have been increasing year on year before that. Many data breaches occur due to weak passwords and lousy password hygiene, i.e., not taking steps to protect passwords.
Right now, passwords are the most-used form of authentication across the board. But the problem is, passwords are inherently unsafe because it’s easy to compromise them. Most people don’t stay up to date on the latest cybersecurity practices and threat developments.
Those in the security sector work hard on ensuring alternative authentication methods gain more widespread adoption. But passwords will still be the primary way people protect their work and private accounts for some time to come.
So everyone must continue to keep their passwords as strong and secure as possible.
Password Security: The Facts and Myths
Password Myth 1: Changing Passwords Improves Security
There seems to be this misconception that changing passwords regularly makes accounts more secure. And many companies enforce it too. But the truth is that all it does is force people to write their passwords down every time because no one can remember them all.
Not only does it make it easier to steal those passwords, but the new password isn’t always more secure than the last.
Password Myth 2: Passwords Have to Be Long
To be fair, longer is better in the case of brute force attacks or securing databases. It takes much longer to crack a password with 12+ characters than one with 6 characters only.
But having a random 6-character password (e.g., “Ij7*F8”) is still better than a long one consisting of dictionary words (e.g., “mysupersecurelongpassword”).
And none of this matters if hackers steal that password in a phishing scam or some other way. Cybercriminals can copy and paste it, in which case the length doesn’t matter at all. That’s why it’s essential to look not only at the length of the password but also at ways to keep it safe.
Password Myth 3: Passwords With More Mixed Characters are Uncrackable
Anything is better than lazy passwords that are so common you could guess them right now – like “admin1234” or “111111”. But making a password more complicated by adding a string of different characters, symbols, and numbers won’t make it bulletproof. They do provide more security, but there’s a limit to that too.
Hackers use password crackers with dictionaries to help them brute force their way into an account. Those crackers look for any special characters too, so in most cases, adding them doesn’t stop the attack.
That said, it depends a lot on the sophistication of the software a hacker is using, as well as their computer’s processing power. That is why more mixed characters are better but not 100% secure.
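The point above can be checked from the defender's side when a user picks a password. The following is an added example, not part of the original article: it undoes the decorations that cracking dictionaries already account for and tests what is left against a list of common passwords. The word list and substitution table are small constructed samples, and the function names are hypothetical.

```python
import re

# Constructed sample of very common passwords; a real check would load a
# large breached-password list instead.
COMMON = {"admin", "password", "letmein", "welcome", "qwerty", "dragon", "111111"}

# Character swaps assumed for this example (one mapping per character).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "i", "!": "i",
                      "3": "e", "$": "s", "5": "s", "7": "t"})


def base_forms(password):
    """Return the simpler strings a decorated password may reduce to."""
    lowered = password.lower()
    # Drop digits/symbols tacked on to either end ("admin1234" -> "admin").
    stripped = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    forms = {lowered, stripped}
    # Undo the character swaps on both variants ("p@ssw0rd" -> "password").
    forms |= {form.translate(LEET) for form in (lowered, stripped)}
    # Some reductions only appear after stripping the translated string too.
    forms |= {re.sub(r"^[^a-z]+|[^a-z]+$", "", f) for f in list(forms)}
    return forms


def weak_base(password):
    """Return the common password hiding behind `password`, or None."""
    for form in sorted(base_forms(password)):
        if form in COMMON:
            return form
    return None


if __name__ == "__main__":
    for candidate in ["admin1234", "111111", "P@ssw0rd!", "Dr@g0n2024!", "Ij7*F8"]:
        print(f"{candidate!r:15} -> {weak_base(candidate)}")
```

A result of None only means the password did not reduce to an entry in this list; it says nothing about phishing or reuse.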
Password Fact 1: Password Managers Help Keep Passwords Safe
The beauty of password managers is that they eliminate the need for people to remember all their different passwords. They also make it easy for teams in the workplace to share passwords for business accounts instead of sending them online.
A password manager stores the passwords in an encrypted vault and auto-fills them when needed. All anyone has to remember when they use a password manager is their master password. As long as they keep the master password safe (in their memory and nowhere else), those passwords stay safe too.
Password Fact 2: A Random Memorable Phrase Does Work
When hackers crack passwords, they use tools that help them test out billions of different letter combinations to find the right word. What they don’t do that often is look for random phrases with extra symbols. It doesn’t mean it should be something sensible like “mykeyboardisdirty.” Instead, use something random like “Donkey0Table Makes$Win.” Also, notice the use of spaces, numbers, and special characters.
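A phrase is only random if a person did not pick the words. This added example (not from the original article) builds phrases in the same shape as the one above, using the operating system's secure random source, and reports how many bits of randomness the choice contains. The word list is a constructed sample and the function names are hypothetical.

```python
import math
import secrets

# Constructed mini word list for illustration only. Use several thousand
# words in practice: a 7,776-word Diceware list gives about 12.9 bits/word.
WORDS = ["donkey", "table", "makes", "win", "river", "candle", "orbit",
         "pepper", "lantern", "velvet", "harbor", "quartz", "maple",
         "signal", "tunnel", "crumb"]

# Each gap between words is a space, a digit or a symbol.
SEPARATORS = " " + "0123456789" + "!$%&*?#"


def make_passphrase(n_words=4, words=WORDS):
    """Pick words and separators with the OS CSPRNG (never `random`)."""
    picked = [secrets.choice(words).capitalize() for _ in range(n_words)]
    phrase = picked[0]
    for word in picked[1:]:
        phrase += secrets.choice(SEPARATORS) + word
    return phrase


def entropy_bits(n_words, wordlist_size, n_separators=len(SEPARATORS)):
    """Bits of entropy when every word and separator is chosen uniformly."""
    return (n_words * math.log2(wordlist_size)
            + (n_words - 1) * math.log2(n_separators))


if __name__ == "__main__":
    print(make_passphrase())
    print(f"sample list (16 words): {entropy_bits(4, len(WORDS)):.1f} bits")
    print(f"7,776-word list:        {entropy_bits(4, 7776):.1f} bits")
```

The figure holds only if the generated phrase is used as produced; regenerating until one "looks nice" reduces it.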
Password Fact 3: Using Different Passwords For Every Account is Important
The problem with data breaches is that they allow criminals to retry the passwords they steal everywhere else. And because people reuse their passwords, they often get into their other accounts because of it. By not reusing a password, a person’s other accounts stay safe even if hackers compromise one of the passwords.
Many password myths are going around. That sometimes makes it hard to recognize what counts as a safe password habit and what doesn’t. Hopefully, these answers clear things up a bit and make it easier to protect your passwords. In the end, there’s no such thing as a truly secure password. But the point is to get it as close to secure as possible.