Although passwords such as “123456” or “111111” may be easier to remember, they put you and your clients at risk.
“The complexity and length of a password determine the length of time to crack a password,” says Adam Thorn, president of Tech U Can Use (TUSU) in Toronto.
For example, someone using a brute-force tool — a trial-and-error program that decodes passwords by exhausting all possibilities — can crack a lowercase, eight-character password in approximately eight hours.
“Add just one more letter and that time to crack [the password] becomes nine days,” Thorn says. “One more and the time to crack [the password] is 239 days. Add upper and lowercase [letters], numbers and symbols to that mix, and the time to crack [the password] is 29,000 years.”
To make your passwords as secure as possible, here are a couple of key tips:
Don’t reuse passwords
Using the same password for multiple accounts may make it easier to remember, but it doesn’t do much for the security of those accounts.
“Think of it like this,” Thorn says. “If the same key unlocked both your house and your car and someone stole your car, your home would be the next logical target.”
So, if you don’t want someone signing in to your customer relationship management platform after cracking your email password, it’s time to start using separate passwords.
Use memorization tools
As multiple complex passwords can be difficult to remember, you’ll want to employ mnemonic devices when possible.
Thorn recommends using a memorable line from a song or poem and altering it slightly for each account. If the service allows, include a space between each word.
To make your passwords more intricate, Thorn says, use capitalization and replace words with numbers and symbols.
Says Thorn: “‘A r0!!ing st0n3 gath3r5 n0 M0$$’ [a rolling stone gathers no moss] would be a great password and not that hard to remember, subjectively speaking.”