2. Password Security

Written By Tupicoffs

Passwords are the Keys to your Digital Kingdom.

Are your keys secure?

One of the most important elements of online security is password security and we want to address the importance of it, and how to do it. One of the things we worry about with people's money is the chance of it being stolen, and passwords are the starting point in preventing that from happening.

We want to run through some basic password instructions and tips on how to put together a secure internet password, importantly in a subsequent video we'll be talking to you about how to store passwords. This is to help develop what we would call a master password that allows access to a stored recording of your other passwords. That means one password that you need to remember but it needs to be extra secure because it will allow access to passwords for everything.

Passwords are like an electronic key to people's lives, and obviously a password that's shared or known or discovered opens people up to the possibility that whoever wants to can suddenly be in someone's digital home.

One of the challenges with passwords is that ultimately if enough computer time is run against anyone then figuring out their password is possible, even just through trial and error. It might take seconds, minutes, hours, days, weeks, or years. We want to make sure that the passwords our clients, loved ones, and honestly everyone, use are going to take decades to crack.

Building a strong password

Before any other security measure we want to focus on getting that basic password right. Passwords are cracked many different ways, one of them is simply brute force attacks, someone simply directs a computer's efforts to crack your password on a website. The computer just tries hundreds of millions of combinations until it gets in, sometimes it doesn't take very many attempts to figure it out, because of the passwords that people are using.

We know that plain english language is much more easily hacked than random symbols or characters.

There are ways you can put something together that's meaningful and memorable for you but isn't going to be found in the dictionary. Hackers will also look at social media profiles, so they'll get the name of your spouse, your children, important dates, and then combine those in as many ways as possible as they're known to be often used passwords.

What not to do

Here are the top 10 least secure passwords that we hope none of you recognise.

12345678

Zinch

Asdf

password

iloveyou

12345

123456

123456789

test1

password

We implore everyone to please make sure that you're not using any of these, or even anything similar as your password.

How do you build a password that you know is secure?

The most simple way to make a password very secure is to maximise the options and therefore the work it would take to find it.

If you start with numbers there are a limited number of options available, adding in letters increases the options and combinations. The addition of symbols to a password as well once again adds a massive leap to the number of possible combinations and makes a password incredibly difficult to hack.

However you do also need to be able to remember the password, complex passwords are wonderful until they're so secure you can't get into your own accounts.

To build a complex, unique, and memorable password we recommend;

  • Start by picking something that is known to you and perhaps not to too many others

    e.g. grandparents maiden name of Taylor

  • Taylor is a relatively common name so not terribly secure, so mix that up and change a few things around

    e.g. Tay!0r

  • Still memorable as Taylor but harder to guess, with the addition of an exclamation mark and a zero. It's still a bit short to give strong security, so then we say this particular grandparent is from Tamworth and mix that in as well

    e.g. Tay!0rT4mw0rth

This password now boasts a combination of capital letters, lower case letters, numbers, and symbols. Those elements make a secure password but by adding the personal touch it also makes it one that you're likely to be able to remember. When building your master password this technique allows you to form something you can remember with a few variations that means it's not going to be searchable or findable and especially if it's something more obscure that most people wouldn't know.

We highly recommend that you put this style of password in place to protect yourself from data hacks.

Repeating Passwords

It is impossible to stress enough that repeating passwords is how a lot of people end up losing access to accounts or being hacked when they shouldn't be. If one repeated password accesses everything that you have, then that leaves everything exposed. Additionally password repeating leaves your data vulnerable at the weakest link.

Very rarely is anyone going to try and crack the security of a bank or a gmail account, those are too well protected. But the security at the shoe store or the local coffee shop is much much easier to get through.

If a password is repeated there then there's comparatively easy access with the end result still being to crack banking or email passwords.

Passwords should be at least eight characters long, in our Tupicoffs systems we insist on 15 characters, which again makes it much more difficult to crack than just eight characters.

We recommend that everyone aim for 15 characters for maximum password efficiency and then make the passwords complex, use upper and lowercase letters, special characters, and numbers as you see fit.

When you are asked for passwords, always be cautious about who's asking and make sure that you're sure that you're not giving a password to somebody that shouldn't have it.

Be careful with your passwords, they are the first step in protecting your digital data.

Tupicoffs
Established in 1970, Tupicoffs is the most respected financial planning practice in Australia.
http://www.tupicoffs.com
Previous

1. Introduction
Next

3. Password Manager