As a security consultant, I am always amazed at how many people still use incredibly weak passwords to protect their most valuable assets.
I routinely come across individuals who use passwords like “123456789” or “admin123” or even “password” for online access to their bank, credit card, and investment accounts.
But while I am amazed – not to mention disappointed – that many smart individuals use remarkably dumb passwords that make it child’s play for a cybercriminal to break into their accounts, I understand why it happens.
Like everyone else, I find keeping track of passwords annoying.
Still, with computer data breaches an everyday threat, it’s important to have strong passwords. And, contrary to what many “experts” claim, you don’t need fancy password generating programs that end up creating passwords you’ll never be able to remember.
Let me show you what I mean by sharing with members of the Self-Reliance Institute a free website to test the strength of passwords.
And, through a quick demonstration, I’ll show you how easy it is to create passwords that are strong and simple to remember.
The free website for testing the strength of passwords is:HowSecureIsMyPassword.net
The site is very straightforward and, yes, it is safe. Just type in the password you’re thinking about using and it will tell you how long it would take a desktop computer running a simple password cracking program to crack that password.
Now, let me give you a demonstration of how easy it is to increase the security of a simple password while keeping it easy to remember.
For the purpose of the demonstration, the first password I’ll test is the name of a dog I had as a child – Freddie – an easy to remember password selection method that many people use.
If I type Freddie into the testing box atHowSecureIsMyPassword.net the algorithm indicates Freddie is one of the 1,170 most frequently used passwords and could be cracked almost instantly.
To strengthen the password, I’ll make a simple change. Instead of Freddie, I’ll make it Fredd!e with an exclamation point instead of the lowercase letter i. According to the testing algorithm, it would take about 25 minutes to crack that password.
Better, but still not very good.
For even more strength, I’ll add a series of numbers that are easy to remember, like an old street address. I once co-owned a small office building in Washington, D.C., that had the numbers 5527 in the address.
That’s easy for me to remember, so I’ll add them to Fredd!e and get Fredd!e5527.
Inserting Fredd!e5527 into the test box at HowSecureIsMyPassword.net, I learn that it would take four thousand years for most password cracking programs to crack that password.
That’s a strong password and, importantly, it’s easy for me to remember.
All I have to do is remember my childhood dog with an exclamation point instead of the lowercase letter i, plus the numbers from an old street address, in order to go from a password that can be cracked almost immediately to one that would stop most any cybercriminal.
After all, most cybercriminals prowling for web-based financial accounts they can hack are no different than most neighborhood burglars. They like crimes of fast opportunity, not crimes that take time and effort.
So just as a neighborhood burglar will target houses with easily picked locks, cybercriminals will use password guessing software that identifies easily hacked accounts that can be quickly exploited.
Give HowSecureIsMyPassword.net a try and test your passwords. If need be, see if you can create stronger passwords by using a combination of letters (upper and lower case), numbers and symbols that are still easy for you to remember.
If you do so, you will lower the odds of your important web-based accounts being hacked.
As always, if you have a question or comment, email me at[email protected]
Be safe and secure,