Cyber security check-up: Are your passwords high risk?

Our advice for password security 

The advent of online systems and apps for everything we do now means we need to remember way too many passwords. Remember the time we had one PIN and struggled to remember that? Now we have dozens (for some people even hundreds) of passwords, or at least we should!

The worst thing you can do is to have the same password for everything. We can’t stress enough that a single password for all your digital accounts is a really bad idea. As tempting as that is, the threat of losing everything or identity theft is a real possibility.

You can’t expect to remember incredibly long strings of gibberish characters. BUT, the more complex a password is, the less likely it is to be compromised. Using numbers, special characters (where the system allows) and a mix of upper and lower case letters creates a strong password. It also makes it hard to remember. 

5 tips for top password security

  1. Real words are easily hackable. Hackers can write programs that try every known word listed in the dictionary. Using a real word and swapping a letter for a number is often an easy pick too.
  2. Ensure that your password is a minimum of 8 characters long. Research shows that non-complex, letters-only passwords shorter than 8 characters can be cracked in less than 10 minutes, whereas a complex password using numbers and special characters would take an estimated 9.5 years to crack.
  3. It goes without saying that you should never share your passwords and absolutely never put them to paper.
  4. Consider using a passphrase. This is where you take a phrase and use the initial letter of each word to create a password. Think of a sentence you would easily recall. It could relate to the reason you are accessing that particular program. For example, for your bank app it might be I Need Access To My Money. Use the passphrase “INATMM”, and add some symbols or numbers to increase the length to get “INATMM1$”.
  5. Start using multi-factor authentication (MFA). This is an option whereby logging in to the service requires a second factor (a code sent by SMS or email, or an app like Google Authenticator). This is the simplest way to ensure that even if your password becomes compromised, it remains useless without your second factor of authentication. Read more about multi-factor authentication here.
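
Tips 1 and 2 can be turned into a quick automated check. The sketch below is an added example, not part of the original article: the word list is a small constructed sample, and treating three of the four character types as "complex" is an assumption.

```python
import string

# Constructed sample word list (assumption); a real check would load a full
# dictionary or a list of breached passwords.
SAMPLE_WORDS = {"password", "welcome", "sunshine", "dragon", "monkey", "letmein"}

# Common number/symbol-for-letter swaps that guessing programs also try (tip 1).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                       "7": "t", "@": "a", "$": "s", "!": "i"})

MIN_LENGTH = 8    # tip 2
MIN_CLASSES = 3   # assumption: 3 of the 4 character classes count as "complex"


def find_dictionary_word(password):
    """Return the sample word hidden in the password, or None."""
    plain = password.lower().translate(SWAPS)
    for word in sorted(SAMPLE_WORDS):
        if word in plain:
            return word
    return None


def character_classes(password):
    """Count how many of lower, upper, digit and symbol appear."""
    tests = (str.islower, str.isupper, str.isdigit,
             lambda c: c in string.punctuation)
    return sum(any(t(c) for c in password) for t in tests)


def check_password(password):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if character_classes(password) < MIN_CLASSES:
        problems.append("fewer than %d character classes" % MIN_CLASSES)
    word = find_dictionary_word(password)
    if word:
        problems.append("contains dictionary word '%s'" % word)
    return problems


if __name__ == "__main__":
    for candidate in ("dragon", "P4ssw0rd", "$unshine22", "INATMM1$"):
        print(candidate, "->", check_password(candidate) or "passes these checks")
```

Note that "P4ssw0rd" meets the length and character rules but is still flagged, because undoing the number swaps reveals the dictionary word underneath.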

Still don’t think you could remember all of your passwords if they were different? The good news is there are a number of apps that can help you store your passwords safely. Not only does that mean you can have different passwords for everything, it also means they don’t have to be readily memorable. Proceed with caution. Some of these apps operate with bad security practices. We recommend LastPass, which can be used on your PC, Mac, Apple iPhone/iPad and Android.

ShowellTech specialises in cyber security for both business and home users. Need advice or believe you’ve been compromised? Call our team on 02 4488 4800.

Best regards,

Justin Showell
Owner at ShowellTech (not Shoaltech… read more about that here)