Almost everything we do online that involves personal information is protected by a password. In many cases, this password can be the weakest link in the line of defense between your data/information, and prying eyes that would love to get hold of it. For this reason, a robust and secure password is essential.
Passwords can be subject to a ‘Brute Force Search’. Essentially, every possible combination of letters and numbers is attempted until the correct combination is discovered. Simplistic passwords are easily discovered using this method. The strength of a password is measured in bits. A 42-bit strength password would require 242 attempts to exhaust all possibilities. For this reason, the longer and more complex a password is, the harder it is to discover.
An easy way to create a strong password it to think of a phrase, for example, ‘She sells sea shells by the seashore’. Alter this phrase using symbols and numbers in place of the letters and words to create a password. E.g. Sh3se11sCSby7heCsh0re. It may seem complex at first, but by remembering the original phrase you can more easily remember the combination of letters and numbers. Plus, once you’ve typed it multiple times, it often comes from simple muscle memory. You might not even need to look at the keyboard!
2 Step Verification
You may have heard of a security method knows as 2 Step Verification. It is available for many services including Google, Apple, and Microsoft accounts. It adds an extra layer of security to your passwords. It works like this: With 2 step verification set up, you type your password to access your account. Your log in attempt now requests a security code. This code is sent to your mobile phone in a text message. You type in the code and access is granted. If an unauthorised person gains access to your password, they would still not be able to access your account as they would not receive the code that was sent to your phone. This also alerts you to the fact that someone is attempting to access your account, letting you know that your password may have been compromised.
Other methods include having the code sent to an app on your phone, or to an email.
Using a single complex password for all your accounts is better than a simple one, but it’s even better to use a different complex password for each account. This can make remembering them all a bit tricky! To get around this you can use a password manager. This will store you’re your passwords in a program protected by a single master password. It can be built in, such as Apple’s Keychain, or 3rd party, such as Dashlane.
Some of these programs can even generate highly complex passwords for you to use, however this makes using the manager necessary to access accounts, as they are often too complex to remember. They also require a complex master password, which can be subject to the same sort of Brute Force search mentioned above. Provided your master password is a complex and secure one, all of your additional passwords should be safe.