Did you know that entire databases of cracked passwords are bought and sold on the dark web? Do you wonder whether your password is one of the ones that the bad guys already have? In this article, we’ll show you how to check the passwords you have and how to create more secure passwords.


Have You Created A Strong Enough Password?

How Can A Criminal Guess Your Password?

Unfortunately, getting your password isn’t a guessing game for cyber-criminals. It’s simply a matter of using the tools they have at their disposal. If your password is not long enough and complex enough, they can use computers to “guess” your password one letter, number, or symbol at a time. Sure, it’ll take them hours, maybe days, but they’ll do it.

How?

Well, criminals buy the best computers and then tie into a cloud network of hundreds of virtual computers. With this kind of setup, they can use a database as simple as a dictionary to make more than a billion password guesses a second. The three most common attacks that criminals use on our passwords are:

  • Phishing – Emails sent to your inbox that seem to be from a company you do business with, but are asking for a password or account number.
  • Dictionary Attacks – As we have already described, in this attack, the criminals automatically use a dictionary database to guess what your password is.
  • Custom Word List Attacks – Criminals use custom word lists such as is sold on net to systematically rule out possible passwords and discover the one customized word or word mash-up that you are using as a password. According to the founder of crackstation.net, “The list contains every wordlist, dictionary, and password database leak that I could find on the internet (and I spent a LOT of time looking). It also contains every word in the Wikipedia databases (pages-articles, retrieved 2010, all languages) as well as lots of books from Project Gutenberg. It also includes the passwords from some low-profile database breaches…”

One method of a custom word list attack is for a criminal to gain access to your computer, make a list of all the words in your computer’s files, and use that list to guess your password. Many people do have their passwords – or the words that make up their passwords – on their computer.

  • Brute Force Attacks – When all else fails to come up with your password, the criminals turn to a brute force attack. This is where having a very long password (12 characters or more) serves you well. In a brute force attack, the criminal has to wait as his/her computers guess at the password – one letter at a time. Hopefully, if you have created a strong password, it won’t be worth the criminal’s time and energy to wait for the brute force approach (at more than a billion guesses per second) to crack it.

How Do You Find Out If Your Password Has Already Been Cracked?

Here’s the deal. Your account – banking application, social media profile, software subscription, website – doesn’t have to be breached in order for your password to be “cracked” or compromised. In fact, you may be perfectly secure – not knowing that the criminals already have your password.

How does that work?

Well, we all think that we are original when we come up with our latest “brilliant” password. But the truth is that the English language (really any language) has a limited vocabulary and only so many ways to put words together in a way that is “cute” or memorable. Even if your accounts are currently secure, a criminal may have cracked the same password that you have on someone else’s account. As a result, your password might be on one of the custom lists we spoke of earlier.

Scary isn’t it?

Check this web page (https://www.greatinsight.com/password/) to discover if the password you’re currently using (or are thinking about using) has already been cracked and is on a criminal’s custom word list. The Insight Technologies team has put the password checker together to help people avoid passwords that are already known to criminals.

How Do You Create A Secure Password?

Here are some tips and methods that the IT security professionals of Insight Technologies suggest.

Tip #1 – Don’t use a password with any fewer than 12 characters – the longer, the better.

Tip #2 – Use the whole keyboard, not just the letters – include symbols, capital letters, numbers, and lower-case letters.

Tip #3 – Don’t use a word that’s in the dictionary, names, places, or a phrase that is a combination of words that are in the dictionary.

Tip #4 – Don’t depend on the letter, number, and symbol substitutions that everyone already uses, such as @ for a, 1 for I, 3 for E, etc.

Tip #5 – Don’t display your password. We’ve all seen the embarrassment of company execs that have written their passwords on post-it notes stuck beside their computers, only to have those passwords show up in a picture that someone took at the office and posted on social media.
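The sketch below applies Tips #1 through #4 to a candidate password and estimates worst-case brute-force time at the billion-guesses-per-second rate quoted earlier; it is an added example, not the Insight Technologies password checker. The word list is a small constructed sample, the function names are hypothetical, and the substitution table extends the three substitutions named in Tip #4 with a few other common ones as an assumption.

```python
import string

# Constructed sample word list; a real audit would load a full dictionary
# or leaked-password list from disk.
WORDLIST = {"claypot", "password", "dragon", "sunshine", "baseball", "welcome"}

# Tip #4 substitutions (@, 1, 3) plus assumed extras (0, $, 5, 7),
# mapped back to the letters they usually stand in for.
UNLEET = str.maketrans({"@": "a", "1": "i", "3": "e",
                        "0": "o", "$": "s", "5": "s", "7": "t"})

GUESSES_PER_SECOND = 1_000_000_000  # rate quoted in the article
SECONDS_PER_YEAR = 3600 * 24 * 365

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def charset_size(password):
    """Size of the alphabet a brute-force search must cover (max 94)."""
    return sum(len(cls) for cls in CLASSES
               if any(ch in cls for ch in password))


def brute_force_years(password):
    """Worst-case years to try every string of this length and alphabet.
    Only meaningful if the password is not on a word list."""
    guesses = charset_size(password) ** len(password)
    return guesses / GUESSES_PER_SECOND / SECONDS_PER_YEAR


def dictionary_hits(password):
    """Word-list entries found in the password after undoing substitutions."""
    plain = password.lower().translate(UNLEET)
    return sorted(word for word in WORDLIST if word in plain)


def audit(password):
    """Return the tips the password violates; an empty list means it passes."""
    problems = []
    if len(password) < 12:
        problems.append("shorter than 12 characters")
    if charset_size(password) < 94:
        problems.append("does not use all four character classes")
    hits = dictionary_hits(password)
    if hits:
        problems.append("contains dictionary word(s): " + ", ".join(hits))
    return problems
```

A password such as “P@ssw0rd2024!!” passes the length and character-class checks yet is still flagged, because undoing the substitutions exposes a word-list entry.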

Password Creation Method #1 – Bang on the keyboard

We aren’t kidding. If you bang on your keyboard while alternating the shift key, you can come up with some very good passwords such as MJgt(8T7i5ukLo98&^tgKo7^g

Password Creation Method #2 – Spell words wrong on purpose.

By using variations of spelling, capitalization, numbers, and punctuation, you can create a much more secure password than the original. For example, the password “claypot#1” becomes “KlaApoP.0n”.

Password Creation Method #3 – Change a sentence into a password.

Take the first letter of each word in the sentence and create a password from it.

The sentence, “Take the French fry to the ball game and buy a 1 dollar popcorn bag” becomes the password, “TtFFtTBG&ba$1Pb”.

Password Creation Method #4 – Change twelve random words into a password.

Find twelve random words that are not connected to each other by any theme and use the first letter from each word to make a password.

The words, “ball, post, plant, cup, BBQ, snow, Nevada, twenty, year, sock, cloud, pizza” become the password “BppCBBqsN20YScp”

It doesn’t take long to memorize the twelve words you need in order to remember your password.

Password Creation Method #5 – Person, Action, Object

By taking unrelated people, actions, and objects, you can create a better password.

In this method, you choose a random person such as Nick Nolte, a random object such as PlayDoh and a random action such as bungee jumping. Put the three into a sentence.

Nick Nolte landed in forty tons of PlayDoh while bungee jumping in Puerto Rico.

That sentence then becomes a password: “NNli40ToPDwBJiPR”.

For extra security, throw in a symbol or two.

What Good Password Practices Should You Follow?

  • Change Your Passwords Often
  • Never re-use a password
  • If you’re going to re-use a password, make sure that you are re-using passwords from sites/applications that can’t be used to harm you if the password is compromised.
  • Use a password manager. There are many good ones out there. The Insight Technologies team can point you to the best ones for your needs.


Insight Technologies

Grand Forks
2600 Demers Avenue Suite 101 Grand Forks, ND 58201

Fargo
1402 43rd Street South
Suite 200
Fargo, ND 58103

Phone: (800) 279-4796 Email: info@greatinsight.com