Most of the passwords we use consist of letters, both uppercase and lowercase, a few numbers, and one or two special characters. This is what we are advised to use when registering on a website.
The combinations are supposed to be more secure. But is this really the case?
One former hacker turned cybersecurity pro has revealed that what we might think is the most effective password may not be the most secure.
In one test where all types of characters were used to create a password, the former hacker said that it would take him at most thirty days to crack it. But a password which is a phrase, such as ‘'mydoglovestogoonTV', would take forever to work out.
"Something like this will take longer to crack,” says Gianino Cuignet, now director of security at Redsystem. “There is also statistically less risk of a complex phrase ending up in an already existing list of passwords. So indeed, it will be safer."
- EU Justice Commissioner targeted with spyware attack
- Thousands of websites steal your data before online forms are validated
- Netflix to add more live streaming in bid to attract more subscribers
Although random and meaningless jumbles of symbols are difficult for hackers to crack, they are also very difficult to remember. For example: P]8gT8Pv/(5! E7v3fDt is a great password but most people would have trouble remembering it and would need to write it down – which defeats the object of a secure password.
Are there any foolproof passwords that are easy to remember and are super secure? Not really, according to the Belgian Centre for Cybersecurity. It says that passwords are outdated and that we must think about double authentication.
“It is best to rely not only on a password but also an additional layer of authentication. For example, an SMS that you receive and that gives you a specific code,” says the centre’s deputy director Phédra Clouner. “That gives your accounts far more security because even if the hackers have your password, they obviously lack the second step to be able to access your accounts."
One last option is a password manager, a software that stores them for you. A version of these are often integrated into some search engines and computers by default. But even these still require a password, and this one had better be good!