A new study conducted by Verizon Data Breach Investigations has found that 81% of all data breaches are caused by so-called ‘weak’ passwords being compromised.
Weak passwords are typically short, common, or default terms such as “password”, an individual’s name, a predictable location, a popular phrase and so on. They are also characterised by how easily guessable they are, so more complex passwords that have sequences (E.g. 1234) or that used frequently can also be defined as weak. Consequently, these passwords can be compromised in a brute-force attack in which all possible terms are rapidly guessed by a hacker or software.
An HTML CSS JavaScript Website which gives you 1 stop solution from your password struggles.
This website includes:-
Just type in your password in the input field and it will tell you how strong is your password and how long it willl take a hacker to guess your password using brute-force approach.
(Contributer: Kaavya Saxena)
The generator lets you customise settings like length, Inclusion of UpperCase Letters, LowerCase Letters, Numbers and Symbols and generates a strong custom password according to your needs. The password can then be copied to your clipboard using a Copy button.
To avoid remembering all your passwords you can use the password manager which stores all the important information for you.
(Contributer: Sakshi Pandey)
To get a personalized touch instead of just randomly generated string, you can add a phrase of your choice in "Personal Phrase" section. This will generate your own secure password including a random yet strong sequence of characters along with the phrase which you chose.
The best practices for creating secure passwords are:
- A password should be 16 characters or more; our password-related research has found that 45 percent of Americans use passwords of eight characters or less, which are not as secure as longer passwords.
- A password should include a combination of letters, numbers, and characters.
- A password shouldn’t be shared with any other account.
- A password shouldn’t include any of the user’s personal information like their address or phone number. It’s also best not to include any information that can be accessed on social media like kids’ or pets’ names.
- A password shouldn’t contain any consecutive letters or numbers.
- A password shouldn’t be the word “password” or the same letter or number repeated.
Aside from creating secure and unique passwords for all web accounts, there are other best practices to increase one’s digital security.
- Use a VPN: While passwords keep unauthorized users out of accounts, Internet Service Providers can still track a user’s online activity as well as their devices’ private IP addresses. The only way to hide web activity and IP addresses is to connect not directly to a public Wi-Fi network, but instead to a VPN, which stands for Virtual Private Network. Learn more about finding the best VPN, all tested by our digital security experts.
- Get identity theft protection: While a strong password can go a long way in protecting online accounts, there’s no single action that can protect a user’s personally identifiable information from identity theft. Rather, top identity theft protection software monitors key criminal and financial areas for users’ personal information.
- Install a home security system: Users can protect their homes and families with top-rated home security systems.
- Use antivirus software: Antivirus software scans computers, phones and tablets for malware, viruses, ransomware, spyware and other cyber threats.
- Use a password manager: Password managers store users’ usernames and passwords in encrypted vaults, requiring only master passwords or biometrics to log into accounts.
- Only change passwords when needed: It’s a myth that users should change their passwords in regular intervals. Rather, it’s only necessary to change passwords if the account itself is compromised, according to recent reports.