How safe are your passwords really?
Updated: Dec 9, 2022
All of us need passwords daily, for phones, for PCs for bank access etc. but can you say, hand on he
art, that you use a different, complex password for every portal, application, or electronic device you use?
I reckon that very few can, most have a small group of words and numbers that they use for everything, including their banking, usually with subtle variations.
Did you know that a password of 8 standard letters contains 209 billion possible combinations, but a computer is able to calculate this almost instantly? *
Adding one upper case letter to a password dramatically changes a computer's time to crack a password, extending it to around 22 minutes. But a 12-character password containing at least one upper case letter, one symbol and one number would take 34,000 years for a computer to crack (currently)! Obviously then, this is the way forward, right?
The excuse is remembering them. However complex or not, they get written down in diaries, saved in text files on a phone, or best still, on yellow stickies stuck to the front of a PC for the whole office to use.
These days there are apps that help us, designed so we might only have to remember one complex password to gain access to all our other passwords. Most are cloud based so are accessible wherever you are.
Chances are that the web browser you are using will securely store your passwords and generate complex ones when you need them (it’s amazing what a right click on your mouse will do over a password field!)
But we are no
w in the age of biometrics and Multi-factor authentication (MFA).
Biometrics is based on our inherent physical attributes or who we are, eg. fingerprints, or facial recognition used by our mobile phones and laptop cameras.
So it uses,
· Knowledge – something only you know
· Possession – Code generated by a smart device app
· Inherence – fingerprint, facial recognition
MFA is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an app. So, you will need a username, a password, AND either a biometric input or a onetime code generated from an app and sent to either your phone or email. Or, sometimes MFA will use security questions that relies on only you knowing the answers, such as what was your mother’s maiden name? Name of your first pet etc.
Never give out your passwords to anyone, ever, never!
Need assistance, get in touch!