Fortunately, everyone can learn how to make and manage stronger passwords. It’s an easy way to strengthen security, both at work and at home.
Let’s say you need to create a new password that’s at least 12 characters long, and includes numerals, symbols, and upper- and lowercase letters. You think of a word you can remember, capitalize the first letter, add a digit, and end with an exclamation point.
The result: MedicineHat1!
Unfortunately, hackers have sophisticated password-breaking tools that can easily defeat passwords based on dictionary words and common patterns, such as capitalizing the first letter.
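The following sketch is an added example, not part of the original article. It shows how a password check can accept MedicineHat1! under the composition rules above and still flag it as pattern-based. The function names and the tiny word list are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption). A real check would load a large
# dictionary plus a list of passwords known from breaches.
SAMPLE_WORDS = {"medicine", "hat", "password", "summer", "dragon"}

def meets_composition_rules(pw, min_len=12):
    """The policy from the text: minimum length plus all four character classes."""
    return (len(pw) >= min_len
            and any(c.islower() for c in pw)
            and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(not c.isalnum() for c in pw))

def splits_into_words(s, words):
    """True if s can be segmented entirely into dictionary words."""
    reachable = [True] + [False] * len(s)
    for end in range(1, len(s) + 1):
        reachable[end] = any(reachable[start] and s[start:end] in words
                             for start in range(end))
    return reachable[len(s)]

def predictable_pattern(pw, words=SAMPLE_WORDS):
    """Return the reasons a password follows the word+digit+symbol pattern."""
    # Shape: letters first, then optional digits, then optional symbols.
    m = re.fullmatch(r"([A-Za-z]+)(\d*)([^A-Za-z0-9]*)", pw)
    if not m:
        return []
    letters, digits, symbols = m.groups()
    if not splits_into_words(letters.lower(), words):
        return []
    reasons = ["dictionary words"]
    if letters[0].isupper():
        reasons.append("leading capital")
    if digits:
        reasons.append("trailing digits")
    if symbols:
        reasons.append("trailing symbols")
    return reasons

if __name__ == "__main__":
    for candidate in ("MedicineHat1!", "q7#Vz!p2Lr9&xW4m"):
        print(candidate, meets_composition_rules(candidate),
              predictable_pattern(candidate))
```

Both sample passwords pass the composition rules, but only the first is reported as built from dictionary words with a predictable capital, digit, and symbol.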
Increasing a password’s complexity, randomness, and length can make it more resistant to hackers’ tools. For example, an eight-character password could be guessed by an attacker in less than a day, but a 12-character password would take two weeks. A 20-character password would take 21 centuries.
Learn more about creating strong passwords by organizing security awareness training with your IT provider. In addition, establish and enforce security guidelines and password policies.
Many people reuse passwords across multiple accounts, and attackers take advantage of this risky behaviour. If an attacker obtains one password—even a strong one—they can often use it to access other valuable accounts.
Here’s a real-life example: Ten years ago, Alice joined an online gardening forum. She also created an online payment account and used the same password. She soon forgot about the gardening forum, but someone accessed her payments account years later and stole a large sum of money.
Alice didn’t realize the gardening forum had been hacked, and that users’ login credentials had been leaked online. An attacker probably tried reusing Alice’s leaked password on popular sites—and eventually got lucky.