ru24.pro
News in English
Июль
2024

Android and iPhone owners warned of ‘password myth’ that lets log-in be stolen in seconds – three rules never to break

0

A COMMON password myth could be leaving your online accounts exposed.

Security experts are urging all gadget owners to check their account passwords to make sure they’re not falling foul of a key rule.

Alamy
Make sure your password is long enough[/caption]

It’s linked to the length of your passwords – it may be far too short to stay from being “cracked”.

That’s when crooks use apps to guess endless combinations of log-ins to try to break in.

“In 2024, a strong password is a long and complex password,” explained Ashley D’Andrea, of Keeper Security.

“In the past, a strong password was considered strong if it contained 12 characters.

“However, the standards have now changed to recommend a strong password be at least 16 characters long.”

The difference in how long it takes a password to be cracked based on length can be staggering.

A 2023 report from Oberlin College revealed how a password of numbers only could be cracked “instantly” if it contained fewer than 12 characters.

Meanwhile a 16-number password would take an hour to crack.

A password of lowercase letters might take a hacker 14 hours to crack with 12 characters.

But this rises to 713 years with 16 characters.

THREE PASSWORD RULES TO FOLLOW

But character length isn’t the only issue.

“Not only should your password be 16 characters long to be strong, but you should also include a variation of uppercase and lowercase letters, numbers and special characters to make it complex,” Ashley explained.

The same cracking report from above says that while a 12-character password with numbers, upper and lowercase letters, and symbols takes 226 years to crack – it would take five billion years to break into a 16-character equivalent.

STRONG PASSWORD TIPS – DON'T IGNORE THEM!

Here's what you should be trying...

  • Use a Mix: Combine uppercase letters, lowercase letters, numbers, and special characters.
  • Avoid Common Words: Steer clear of easily guessable words and phrases.
  • Length Matters: Aim for passwords that are at least 12 characters long.
  • Unique Passwords: Use different passwords for different accounts to enhance security.
  • Passphrases: Consider using a series of random words or a memorable sentence.
  • Memory Tricks: Use mnemonics or acronyms to remember complex passwords.
  • Password Managers: Utilize password management tools to store and generate strong passwords.

Similarly, don’t re-use passwords or you make a hacker’s life much easier.

Secondly, it’s important to make sure you’re not putting anything silly in your password.

“A great way to make sure you have a strong password in 2024 is by avoiding the use of common words or phrases as well as any personal information,” Ashley said.

“For example, imagine your pet’s name is Buddy and you decide to add your birthdate to your password to make it Buddy1387.

PASSWORD RULES – DON'T BREAK THEM

Here are some important tricks to follow, as revealed by Keeper Security…

  1. Make sure to use a combination of upper and lowercase letters. It’s much easier to “crack” a password if it only uses lowercase letters.
  2. Never include personal data like your birthday, street address, and certainly not your name.
  3. Ensure that every password has at least 12 characters. This will significantly increase the time it would take a hacker to crack your login.
  4. Include symbols whenever you can. Not all services allow this, but if you can add question marks, exclamation marks, hash symbols, and slashes, your password will be far safer.
  5. Ensure that you’re using varied and non-sequential numbers. So, rather than having 1234 at the end of your password, mix them in and use a random order.
  6. Avoid, where possible, using words found in the dictionary in your password.

“A cybercriminal can use publicly available information, such as your social media profiles, to gather this information about you and your pet from your online accounts, then use that to gain access to them.”

And thirdly, don’t let your account’s safety rely entirely on a good password.

Turn on two-factor authentication so you need another piece of info to log in – like a code sent via text, or through an authenticator.

And if your account has the option to use Passkeys (which can’t be leaked) then turn those on too.