If you are concerned about keeping your user accounts secure, and access to sensitive business information under control, then the strength of passwords is incredibly important.
Hackers use tools that automate the password cracking process by running through all possible combinations until they find one that works. For example, they may start with a, then b, then c, etc. until they get to z. If your password is not one of those, they’ll try aa, ab, ac, ad and so on.
Password cracking tools are able to run through all of these combinations very quickly. If your password contains the minimum 6 characters and you use all lowercase letters, it will take a maximum of 308,915,776 attempts to find your password. That might sound like a huge number which would surely take a long time, but a basic password consisting of all lowercase letters can be cracked in as little as 0.29 milliseconds.
Each extra letter added multiplies the number by 26 again, but where you can really make your password hard to crack is by using a mixture of upper and lowercase letters, as well as numbers and symbols. Upper case adds 26 different characters to the equation and means the maximum number of attempts needed to crack your password is now 52 x 52 x 52 x52 x 52 x 52 for a 6 character password. Add numbers, symbols and lengthen your password to 12 characters, and the number of attempts needed to crack it starts getting astronomical (like a 1 with 30 zeros after it).
No matter how strong you make your password, there’s always a chance someone could find out what it is without needing to use software to crack it.
To really ensure your accounts are secure, you should be using two factor authentication.
Two factor authentication means a second method of verification is needed to log in to your accounts, in addition to your username and password. This is usually something you have – meaning to log in you need something you know (password) and something you have.
The “something you have” is often a code generated on a token that you keep with you. When you’re ready to log in you press a button on your token and it displays a unique code which will only work for a short period of time (like 30 seconds). You enter this in a separate field when logging in. Once it’s been used, or once the time elapses, the code generated by the token no longer works and you must generate a new one the next time you need to log in.
A token can even come in the form of an app on a smartphone linked to your account. A code used alongside your password to log in is generated within the app. Other forms of verification send a notification to your device asking you to approve the login attempt. If you wish, a code can be sent to you via SMS instead.
Using two factor authentication greatly increases the security of your account. Even if a cyber criminal knows your password, they still won’t have a chance of logging in unless they can steal your token or phone as well.
Computer Medic On Call is committed to bringing you the highest quality computer service available for all of your information and systems needs. Serving in Broward and West Palm Beach in Florida State for IT Support. Our experience provides us with the skills to offer a range of high quality computer services.