Strong Passwords Are Strong Defense Against Cybercrime

Avatar photo
Ryan Palermo

You may have seen the game show Password, where one partner gives clues and the other guesses the secret word. With the right hints, it’s easy for the guesser to get the password right. The same holds for cybercriminals trying to hack into your network by guessing your users’ passwords.

Many Americans Are Not Making Wise Choices When It Comes to Passwords

A study conducted by Google in conjunction with Harris Poll found that keeping track of passwords is a source of frustration for the majority of Americans. A whopping three in four respondents say they struggle with passwords.

  • 24 percent of Americans have used some variation of the following weak passwords: abc123, Password, 123456, Iloveyou, 111111, Qwerty, Admin, and Welcome.
  • 27 percent of Americans who have tried to guess someone’s password, 17 percent have guessed it correctly.

But just because it can be frustrating to create more secure passwords doesn’t mean it should be done. According to the Verizon Data Breach Report, weak or stolen passwords were responsible for 80% of hacking related breaches. Hackers are using technology to discover passwords quickly and easily. Here are some things to consider for all the places you or your team use a password to access.

Longer Equals Stronger

The recommended length of a password has grown from eight to twelve characters, and it can take a professional hacker less than an hour to decrypt an eight-character password. Simple dictionary words are scanned through “brute force,” a computer-generated hacking method. Next, the computer tries the terms again with “!” or “?”. Then, the words are scanned with 3s replacing Es, 5s replacing Ss, or @ replacing the As, etc. The longer the password, the more difficult it becomes to crack it using brute force.

What makes a good password?

Avoid the obvious, like birthdates, 123456, or (gasp) “password.” Seventy-three percent of passwords are duplicates and 54 percent of users leverage five or fewer passwords for all of their online accounts. Don’t use the same password on different sites. And stay away from anything that might be easy to figure via a simple word in the dictionary, a word with letters replaced by numbers, or an easy word followed by $, !, %, etc.

Changing passwords frequently used to be recommended as a good password practice. Research has recently found that when folks are required to change passwords regularly, they end up just using some form of the last password, which isn’t really effective. The key is using a strong password to begin with and then not having to change it unless there’s a breach.

Often people use short, easy passwords or the same complex password because it’s too hard to remember many complex passwords. A password manager can help you create and keep complex passwords safe. And to access your password manager, you’ll use multi-factor authentication (MFA) to keep your list secure.

Teach These Tips to Your Team

Your networks are only as secure as your weakest link. Help your employees, vendors, and customers understand why strong passwords are essential. And consider setting up options that require longer, stronger passwords to protect sensitive data from hackers.

Airiam can help your organization set up its systems to accept only strong passwords. We can also help you with team training, adding MFA, and other security measures to ensure your data stays safe.

Strong passwords contribute to cyber resilience.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

AirProducts by Airiam

Airiam Introduces AirProducts™: Enterprise Cybersecurity and Managed IT for Small and Mid-Sized Enterprises Airiam, a managed IT and Digital Transformation company with a strong focus on cybersecurity, today announced the release of AirProducts, its pr
Avatar photo
Bill Bowman
>>Read More

Podcast: A Story of Resilience from Airiam’s Alex Zelenskiy

 Episode Summary Since Russia attacked Ukraine in February 2022, the war has upended the lives of millions and resulted in the tragic loss of many lives. Amidst the chaos and destruction, there are stories of resilience and goodness. Airiam’s Alex Zel
Avatar photo
Bill Bowman
>>Read More

Multi-Factor Authentication (MFA) Keeps the Cybergoblins Away

Here’s a cybersecurity trick or treat for you. It’s Halloween. You hear the doorbell ring. Would you answer your door without looking to see who’s on the other side? Would you leave your door unlocked, knowing the night will be filled with strangers lo
Avatar photo
Andrew Betts
>>Read More