Our lives have moved online. Consequently, the number of online accounts we manage has also increased. We use a password to identify and authenticate ourselves online, so it has become necessary to choose a secure password that is tough to crack.
It isn’t advisable to use similar passwords across platforms. Doing so exposes us to credential stuffing: if one of our accounts is compromised, attackers will try the same password on other platforms. If our password is the same there, the attacker gains access to those accounts as well.
Apart from that, using easy-to-guess passwords and keeping a password unchanged are some common mistakes users make.
It is worth mentioning here that the length of a password is as crucial as its complexity. The more complex a password is, the harder it is to crack. But if a complex password has only a few characters, the attacker can still break it easily with a small number of tries. So, overall, it is the number of characters we use in our password that decides the time it would take the attacker to break it.
The formula to calculate the possible number of combinations an attacker has to try is,
the total number of password combinations = (number of character keys) ^ (length of the password)
For instance, if we use only lowercase letters for a password of length three, the possible number of combinations comes out to be: 26 ^ 3 = 17576. So, in this case, the attacker has to try only 17576 combinations.
Longer passwords stand a better chance. But, that isn’t all. If we add complexity to the length then, it would become even harder for the attacker to break it. Lengthy and complex passwords which include letters, numbers, symbols, etc. should be used.
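The formula above applied to whole passwords, as an added example that is not part of the original article: it infers the number of character keys from the character classes a password uses and compares length against complexity. The sample passwords and the guessing rate are constructed assumptions.

```python
import math
import string

# Sizes of the four printable-ASCII classes: 26 + 26 + 10 + 32 = 94.
CLASSES = [
    set(string.ascii_lowercase),
    set(string.ascii_uppercase),
    set(string.digits),
    set(string.punctuation),
]

def charset_size(password):
    """Number of character keys: total size of every class the password uses."""
    chars = set(password)
    if not chars:
        raise ValueError("empty password")
    if chars - set().union(*CLASSES):
        raise ValueError("character outside the four ASCII classes")
    return sum(len(c) for c in CLASSES if c & chars)

def combinations(password):
    """(number of character keys) ^ (length of the password)."""
    return charset_size(password) ** len(password)

def entropy_bits(password):
    """The same search space expressed on a log2 scale."""
    return len(password) * math.log2(charset_size(password))

def worst_case_days(password, guesses_per_second):
    """Days needed to try every combination at an assumed guessing rate."""
    return combinations(password) / guesses_per_second / 86400

if __name__ == "__main__":
    RATE = 1e10  # assumed guesses per second, for illustration only
    # Constructed sample passwords, not real credentials.
    for pw in ["abc", "aB3$", "aB3$xY7!", "kqzvtwpxmjra"]:
        print(f"{pw!r:16} keys={charset_size(pw):3} "
              f"combos={combinations(pw):.3e} bits={entropy_bits(pw):5.1f} "
              f"days={worst_case_days(pw, RATE):.2e}")
```

The 12-character lowercase sample ends up with more combinations than the 8-character sample that uses all four classes. The count is an upper bound for brute force and assumes the characters were chosen at random.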
But as the number of online accounts we manage increases, it isn’t possible to remember each of the passwords. We can use a reputable password manager to store our passwords. Not everyone would be comfortable with the idea, though, as some accounts are considered critical and storing their user IDs and passwords on any platform isn’t an option for many. Such users can memorize those passwords.
Always use a password that is unique, memorable, lengthy, and complex.
Besides, use multi-factor authentication as well. It provides an additional layer of security. If an attacker somehow gets our credentials and we have enabled multi-factor authentication, that would limit the harm: the attacker may not be able to access our account.
Also, most organizations prompt users to periodically change or reset their passwords. So, always use a new password. It shouldn’t be related or similar to the previous password you used.
If it’s the account with the bank that has been compromised, immediately get your account access locked by contacting the bank.
Overall, we need to ensure that the password we use is strong and secure. Take corrective measures if you find something that isn’t alright.