Q: What’s the most common password?
A: The word “password”.
Many of us are guilty of creating passwords that are easy to remember – which also makes them easy for cybercriminals to crack. A hacker’s computer can easily guess over 1 billion passwords per second, so it’s a good idea to make passwords as hard to crack as possible. Part of what makes a good password is length:
- If your password is 8 characters long and all lowercase, like “password”, it would take a hacker 3.5 minutes to guess it.
- Just by changing one of those lowercase characters to an uppercase character increases the time to almost 15 hours.
- Replacing any letter with a special character and keeping the uppercase character, like “P@ssword”, means it would take the hacker 70 days to guess your password.
- If you added one additional character to form “P@ssword1”, it would take the hacker’s computer 18 years to guess your password.
- And by adding just two additional characters – “P@ssword11”, you would extend the hacker’s guess time to 1,707 years.
This math continues on to as much as 15,091,334 years for a 12-character password that includes lower case, upper case, digits and special characters. Impressive, right?
But don’t rest just yet. Your password also needs to be random. If it was easy for you to replace an “a” with “@”, hackers are also smart enough to do that. Same with replacing “O” with the number “0”, “S” with “5”, and so on. So you can’t just pick a dictionary word and dress it up.
Your password also needs to be unique, meaning DON’T USE THE SAME PASSWORD FOR MULTIPLE APPLICATIONS. Do you remember hearing that warning before this? Good. Now quit doing it.
So what’s a savvy computer user to do? Carry around all those random, unique, multiple character passwords around in your head? Or (gasp!) written down in your wallet? Nope. Use an online password manager, which means you only have to remember one weird password that meets all those criteria. The online password manager remembers all the rest for you. Click here for PC Magazine’s list of “The Best Password Managers of 2016” . . . and let’s be safe out there.
This blog post is based on a longer article published on www.carbonblack.com which can be found by clicking here.