Strong Passwords and Password Managers

Do you have a unique lock and key for your front door or do you put a pad lock bought at your nearest Walmart to secure your house? It may sound like an unusual question, but this phrase pertains to passwords as well. If we don’t ensure our passwords are strong, we are essentially inviting bad actors to rob us of our wealth and privacy.

Passwords have become intertwined with our work, school, and life at home. This is what makes it so valuable to us, but also a highly coveted prize for bad actors. So, we need to ensure we take password security seriously.

Best Practice for Password Security

To avoid passwords from being compromised, below is a few ways to protect yourself:

• Select a password with at least 16 characters in length, which consists of: special characters, lower/uppercase letters, and numbers.
  • Example: AxKB2ASv>%$'v<lU
• Do not share passwords with anyone through text message, email, or telephone.
• Do not write down passwords on sticky notes or unprotected documents/spreadsheets (e.g. Word, Notepad, Excel, and OneNote).
• Do not reuse passwords across personal and work accounts. 50% of users on the web use the same password for all accounts.
• Do not use birthdays or personal information to generate a password.
• Do not save passwords in web browsers.

Password Managers

What is a password manager? A password manager is a program that can be downloaded for free or paid for (e.g. $3/month) depending on the services you want/need. It provides many services that can make users life a lot easier and secured. Just think of it like a digital safe. Only you can access it and if you choose to share access, that is also a capability. Here is a list of services Password Managers offer:

• Dark Web monitoring: Keeps users informed on data breaches.
• Performs generated usernames/passwords: Instantly creates secure passwords and random usernames.
• Secure Password Vault: All passwords are stored safely using encryption.

If interested, Bitwarden, LastPass, and Keepass are some of the Password managers used for home/business environments.

Statistics You Should Know

Although, having a strong password is not 100%, it significantly increases your chance from being a victim of a password attack. For example, if you had a 7-character password consisting of lowercase letters. This would take the hacker approximately .29 milliseconds to crack. However, if it was a 12 character password that included, numbers, lower/uppercase letters, and special characters. This could take the hacker approximately 200 years to crack. Below is some other statistics to know:

• 80% of hacking incidents are caused by stolen and reused login information. (Verizon, 2020)
• 81% of company data breaches are caused by poor passwords. (TraceSecurity)
• Password attacks using scripts that try to guess usernames and passwords happen every 39 seconds, globally. (WebsiteBuilder.org, 2021)
• Common bad passwords used: Password, admin, abc123, 111111, 123456

If we fail to use best practices mentioned, it could result into catastrophic loss. With all that in mind, we encourage using strong passwords and password managers! Password attacks continue to ramp up and evolve with time, so we need to prevent this attack together. If you have any questions on strong passwords, password managers, or believe your password has been compromised please contact your company's IT department.