Studies Prove, You May Need Longer, Stronger, Safer Passwords

A report analyzing the strength of passwords was released yesterday by security firm Imperva. The study is 32 million passwords strong, thanks to last year’s Rockyou.com breach. And “never before has there been such a high volume of real-world passwords to examine,” notes the study. Take heed of these key findings in Imperva’s study:

  • About 30% of users chose passwords that are six characters or less in length
  • Almost 60% of users chose their passwords from a limited set of alpha-numeric characters
  • Nearly 50% of users use common slang or dictionary words, names and consecutive letters or digits — the most common password found was “123456”

Note that a study not too long ago also revealed “123456” as the most common password amongst 10,000 Hotmail, MSN and Live.com users. Is that you? Okay, what about the most popular passwords following “123456”?

[Image: Imperva passwords study]

Are any of those you? If you have a password fitting the bullet points noted above, change it now! Let’s say a hacker worked off this list… It would only take “one attempt (per account) to guess 0.9% of the users passwords or a rate of one success per 111 attempts.” Now, let’s say this hacker is using his DSL connection (55kpbs connection rate) and each hack is 0.5kb in size… that hacker will gain access to one new account every second. Or, in the bigger scope of things, he just hacked 1000 accounts in less than 17 minutes.
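The three weaknesses in the bullet points above can be checked mechanically before a password is accepted. The following Python script is an added example, not code from Imperva or the original post; the word list, the sample passwords, the four-character run threshold, the stripping of leading and trailing digits, and the reading of “limited set” as letters and digits only are all assumptions.

```python
import string

# Constructed stand-in for a dictionary of common words and names;
# a real audit would load a full wordlist instead.
COMMON_WORDS = {"password", "princess", "monkey", "dragon", "daniel"}
MAX_SHORT_LEN = 6  # "six characters or less" from the first finding
MIN_RUN = 4        # assumption: 4+ consecutive letters/digits is a sequence

def _kind(c):
    """Classify a character as digit, ASCII letter, or neither."""
    if c in string.digits:
        return "digit"
    return "letter" if c in string.ascii_lowercase else None

def longest_run(pw):
    """Length of the longest run of consecutive letters or digits (abcd, 4321)."""
    s = pw.lower()
    best = run = 1 if s else 0
    step = 0
    for prev, cur in zip(s, s[1:]):
        d = ord(cur) - ord(prev)
        if _kind(prev) and _kind(prev) == _kind(cur) and d in (1, -1):
            run = run + 1 if (run > 1 and d == step) else 2
        else:
            run = 1
        step = d
        best = max(best, run)
    return best

def audit(pw):
    """Return which of the three weaknesses from the findings a password has."""
    findings = []
    if len(pw) <= MAX_SHORT_LEN:
        findings.append("short")
    # Assumption: "limited set" is read as ASCII letters and digits only.
    if pw and all(c in string.ascii_letters + string.digits for c in pw):
        findings.append("alnum-only")
    # Assumption: digits before or after a word ("monkey1") do not hide it.
    core = pw.lower().strip(string.digits)
    if core in COMMON_WORDS or longest_run(pw) >= MIN_RUN:
        findings.append("guessable")
    return findings

def summarize(passwords):
    """Percentage of passwords (rounded) that show each weakness."""
    counts = {"short": 0, "alnum-only": 0, "guessable": 0}
    for pw in passwords:
        for finding in audit(pw):
            counts[finding] += 1
    return {k: round(100 * v / len(passwords)) for k, v in counts.items()}

# Constructed sample, not data from the breach.
SAMPLE = ["123456", "Princess", "monkey1", "abcd!2010", "x9$Lq#v2Rw"]
```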

Are you, like me, annoyed every time you need to create a new password? Are you tired of remembering multiple passwords for multiple accounts on every site or network you frequent? Try these tips when creating a password to remember:

  • Renowned security techie and author Bruce Schneier recommends creating passwords from a sentence. His example, “This little piggy went to market,” transforms into the password “tlpWENT2m.” Schneier urges you to use something personal, and “of course, don’t use this one, because I’ve written about it.”
  • Use a password manager, such as Password Safe, to create your passwords. Then, just think of one master password to remember.
  • Replace letters with numbers to “leet” it up. This chart may help.
  • Purposely misspell words or use homophones. Think “fone” instead of “phone” or take it a step further and use something like “simbowl” instead of “symbol.”

For more tips, check out wikiHOW and Bargaineering.
