Password Tips on World Password Day
Today is World Password Day, which promotes cyber hygiene through the use of strong passwords. The day is significant because it furthers the idea that personal data security is achievable and manageable, even for the non-technical among us. As the day recognizes, an obvious place to start protecting yourself online is creating, and maintaining, strong passwords. And here is the obvious question to the obvious starting place: What makes a strong password?
Here are some CyberVista password tips, with a twist. Today is also National Star Wars Day (May the 4th be with you…get it?) so we are including password tips that relate to Star Wars franchise characteristics to help you remember them.
Make it Lengthy
The Star Wars franchise is up to 10 movies and counting. Being above the 10 mark is also a good idea for password security. Password length is one of the most influential factors that determines its security. In fact, password cracking technologies, known as brute force tools, can crack a complex, five-character password in less time than it takes to type in your password (about a minute). However, a complex, 12-character long password takes what would equate to thousands of years to crack. When picking your next password, aim for a 10-15 character password and protection from the dark side of the brute force.
Make it Complex
Star Wars is noted for it’s complexity –both in characters and universe. Complexity is also a friend of password security. Complexity is achieved through the use of special characters such as #, %, *, !, and +. Special characters help you avoid password attacks known as dictionary attacks that use all the words in the dictionary to try and guess your password. So if one of your passwords is “Tatooine,” go ahead and change that one now.
Don’t Write it Down–Use a Passphrase
Unlike other action fantasy franchises such as The Lord of the Rings or The Walking Dead, Star Wars did not begin as a novel or comic book. Keeping your password off of paper is also a good idea. If your password is anywhere besides in your head or in a secure password manager, it is not secure. When you write down your password, you expand your attack surface. Remember, hackers are more than just technical troublemakers; they also utilize social engineering and physical breaches. If Post-it note reminders are your security standard, hackers will find a way to exploit it, either through deception, trickery, or physical intrusion.
The solution to the write-it-down temptation is passphrases. A passphrase is a random string of characters, but it has unique meaning to the owner. Passphrases are easily created by injecting special characters into familiar phrases or sentences. For example, “May the Force be with you” can easily become “[email protected]/u”. A passphrase allows your passwords to be long, complex, and memorable.
Think Before You Share on Social Media
You can be a Star Wars enthusiast, but you start to annoy people when you overshare on social media about your unsolicited theories, character analyses, and reviews. Keeping a low profile on social media will also help your password security.
Password recovery tools utilize challenge-response forms whose answers are supposed to be private to the password owner. For example, imagine you are locked out of your bank account. In order to reset your password, you need to answer “What was your college mascot?” “What brand was your first car?” and “What’s your favorite movie?” This process is known as “cognitive passwords.” But hackers can find out the answers to these questions by scanning your Facebook and finding images of you with a Dartmouth Big Green sweatshirt posing on top of your Toyota Camry, and reading your post about why The Force Awakens was the best movie ever.
May Security Be with You
Password security is just one small part of overall cybersecurity. But even small steps go far in protecting ourselves and our organizations.