RECKON you’ve got good passwords? Make sure you’re not making any common mistakes.
Cybersecurity experts have revealed dangerous password habits you need to break.
1
For instance, don’t use passwords like “Cleopatra” or “GGGGGGGG” in your apps.
A new memo from Specsops Software details where you’re likely going wrong – and how to stay safe from dangerous cyberattacks.
“Longer passwords are better,” said Darren James, Senior Product Manager at Specops Software.
“However, it’s important to understand that equipping users with strong, lengthy passwords isn’t a foolproof way to avoid compromised credentials.
“Attackers can still find workarounds – and user behavior can undo a good password policy.”
For instance, it turns out that the most common length for a compromised password is eight characters.
According to Specops Software, around 212.5million compromised passwords were this long.
And importantly, significantly fewer passwords are compromised as character length increases.
Most read in News Tech
For instance, 121.5million passwords were compromised that were over 12 characters long.
But just 31.1million passwords over 16 characters long were hacked or leaked.
It’s also important to not make the common mistake of using numbers only.
The report notes that it’s much faster for crooks to “crack” a password that only contains numbers.
It’s also a bad idea to use passwords that are lower-case only.
The safest passwords use a combination of letters (upper and lower case), numbers and symbols.
Combining this with a large number of characters can make it exponentially harder for your password to be “cracked”.
Here’s the list of most commonly compromised passwords by character length:
- 8 characters: password, research, GGGGGGGG
- 9 characters: GGGGGGGGG, anandIGBZ, cleopatra
- 10 characters: OOOOOOOOOO, GGGGGGGGGG, passwordGG
- 11 characters: Sym_cskill, sym_skillO, FoxracingII
- 12 characters: sym_cskillOT, sym_cskillOG, sym_cskillOB
- 13 characters: mcafeeptfcorp, CirixTargusI, rubyflankerG
- 14 characters: hacktheplanetI, trendmirco.com, Minecraft.A.S
- 15 characters: SY&cutskillsIO, Sym_newhireOEIE, sym_newhireOAIE
If you use any of the passwords on this list, you should change your login immediately.
Criminals will often attempt to use commonly leaked passwords on accounts to see if they’ve been used by other people.
According to Specsops Software, re-using compromised passwords of any length means your login can be hacked “instantly” .
“The bigger risk though is attackers getting their hands on a database of passwords from a less secure website,” Darren explained.
Read More on The Sun
“Even if the passwords are hashed, the attacker has all the time in the word to try and crack them.
“And then figure out who those people are.”
