Member Article

What’s in a Password?

Keeping your online data safe is a challenge each one of us faces: From shopping at your favourite online store to managing the company website or even chatting to friends via social media, the first step usually involves entering your email address and then trying to remember that all-important password.

Some experts estimate that the average person must now remember approximately 40 different passwords to access the growing numbers of online accounts we all hold – and with many sites demanding an increasingly complex combination of numbers, letters and symbols are we at risk of information overload, or is it a necessary measure to keep our online data secure?

When it comes to protecting the information your store online, it’s important to use a complex password and here’s why:

Should I change my password regularly? There are two different schools of thought when it comes to changing passwords. One argues that having a strong password in place is better than regularly changing a password which often becomes weaker over time. Others argue passwords should be changed every few months.

Changing passwords regularly means that if your details fall into the wrong hands they can’t be used over an extended period of time. Whilst it’s advisable to change passwords regularly, it’s important not to fall into the trap of creating weaker passwords. Never use the same password to access different accounts.

If you have an account which is important but not frequently accessed, the attack may go unnoticed for some time. Always change your password when an account has been compromised.

What happens when a password is compromised? Depending on the target of the attack, information ranging from email addresses to banking details may be at the mercy of a hacker. When email accounts become comprised it can open the door for thousands of spam messages to be sent in your name within a matter of minutes. Whilst inconvenient for personal emails it can have a devastating impact on businesses who may find their IP address blocked and logged on a blacklist, something which typically takes time to resolve.

Computers are much better at guessing than humans and can perform hundreds of guesses per minute for months on end without a break. It’s worth remembering that software won’t necessarily block an attack like this, if it’s undertaken over a period of time.

What is a complex password? Complex passwords use a minimum of eight characters although typically they would use more than 20 characters which are made up of a combination of capital and lower case letters, numbers and symbols.

The more unusual the password, the more difficult it will be to guess. Using complex passwords can significantly reduce the chance of your accounts being compromised.

Why do I need a complex password? Complex passwords make your account details much more difficult to guess, reducing the chances of your data being compromised. It is good practice to use different passwords for all accounts you access via the internet. This means that if one account is compromised, the rest of your data remains reasonably secure.

One of the most common ways in which hackers access accounts is known as a ‘brute force’ or dictionary attack: This is where hackers test the vulnerability of a website by trying multiple usernames and passwords from a long list or dictionary until they force their way in. The number of times that hackers are rattling the windows and testing the doors to see if they are unlocked will surprise you – as there is an almost constant stream of opportunistic thieves waiting to take advantage of your vulnerabilities.

Using a word or phrase which can be easily guessed is the equivalent of leaving your home, locked but leaving the keys in the door. A complex password helps to reduce the chances of your details being exposed.

How do I create a complex password (and remember it)? There can be many different ways to create complex passwords. They can be randomly generated by different websites and although this can make it difficult to guess, it can also make the password difficult to remember!

One of the most effective ways of using complex passwords is to use a password manager programme. Password managers typically use two-factor authentication which adds an additional layer of security, with the added advantage of only needing to remember one password.

Some programs also provide notifications when an attempt has been made to access your details.

You can also strengthen the security of online accounts by using two-factor authentication, which means that you aren’t just relying on the strength of a password. Many password managers provide this service as standard.

Want to know more? If you would like further information on passwords and keeping your details safe online, email us at sales@hahosting.com or alternatively you can speak to our team by calling 0114 228 0022

Rory Delahoyde is the Managing Director at HA Hosting, home of the Sheffield Data Centre.

This was posted in Bdaily's Members' News section by HA Hosting .