
Best Tips For Creating Strong Passwords



Passwords are an important safeguard for our data, yet so vulnerable: Verizon Enterprise recently reported that 63% of breaches are due to passwords that are weak, default, or stolen.
That’s why it’s essential you use the strongest passwords possible – and different ones – for every single application or account you use.
This article is an overview of what you need to know to keep yourself and your workplace protected by creating and using robust passwords everywhere.

How are passwords cracked?

Generally speaking, hacking a password involves trying to log in with as many guesses as possible until one works. This is sometimes done in what’s called a brute-force attack, but since some websites time out after a few attempts, other tools have cropped up that use “dictionary attacks”, trying only English words, for example, or common number or letter patterns, to shorten the number of tries.
There are dozens of password hacking tools available for free on the web that anyone can download as well as other more sophisticated software bought and sold on the black market.
But the really scary thing is that many times hackers don’t need to use them at all. SplashData, a company that gathers information from data breaches, puts out an annual list of the top 25 most common passwords. Year after year, the top two are “password” and “12345.”

In what ways are passwords vulnerable?

As we mentioned above, the more common the password, the easier it is to get hacked. This includes not only the obvious passwords mentioned above, but birthdays, anniversaries, and number repetition. Another common problem is that many companies and/or users keep the default “admin” password out of ignorance, or simply don’t want to be inconvenienced to learn a new password.

What makes a strong password?

A strong password is generally defined as a password that would take a very long time to guess or crack. This is sometimes referred to as “password entropy” and is calculated in bits of strength. Generally speaking, you should aim for at least a 40-bit strength password. The basic guidelines here are:
  • More than 12 characters
  • A combination of letters, numbers, and special symbols (if allowed)
  • Use upper and lowercase letters, starting with lowercase first.
This obviously can make it very difficult to remember password combinations, but don’t worry, we’ll show you some tips and tricks at the end of this article.

How often should passwords be changed/updated?

In earlier days, it was thought to be a good idea to change your password every few months, as that would prevent it from being used or sold on the black market. However, concepts have changed and security experts now feel that regularly changing passwords adds more to user frustration than increased security.
However, there are some that should be periodically changed:
  • Corporate logins
  • Social media accounts
  • Shared computer accounts
  • Email accounts (also use 2-factor authentication)
Also, if you think you’ve been hacked, received an alert, or decided it’s time to use a stronger password, by all means update it right away!

Tips & tricks for creating strong passwords

Creating strong passwords is actually not as hard as it seems, so long as you have a good guideline. Here are a few tricks we like.
  • Long nonsense phrase. Think of 5 different words that do not normally go together, for example “corn walrus sparkplug possession planetary”. This long string of words makes for a surprisingly strong password, and remembering it is almost as easy as remembering a poem. In a small study conducted by USC, users were 61% more likely to remember a poem-based password, and 58% more likely to remember a random selection of words, than a traditional number or letter combination.
  • Go one step further. Take these word combination ideas and remove the spaces. Next, add in a few uppercase letters and some numbers or symbols and you’ve got a pretty tight password that you can actually remember.
  • Create a base password and vary the endings according to the website. Ajinkya Bhamburkar, a writer at Guiding Tech, showed an example of how he used a base phrase “Ajinkya@799” and then added two separate bits, one abbreviating the website he was using, and the other a number. Ajinkya admitted his version was flawed, but it also made the task of creating and remembering complex passwords much easier (at least for him).

Password generating and storing tools

Finally, there are of course both password generating tools and password manager apps that can help with the memory and creation problems. Two of the most popular are LastPass and Dashlane, which both offer free as well as premium services. However, these third-party systems also require a password; while they state that they either don’t store your password or keep it encrypted, the truth is that if your master password does get compromised, there goes your entire system of passwords!
The convenience and security, along with generally positive reviews, make these a perfectly valid choice for creating and storing passwords. Then again, the old-fashioned method of writing them down and keeping them in a locked drawer may give you a bit more peace of mind.
You may also be interested in these tools:
http://www.passwordmeter.com/ – evaluates the general strength of your password using a variety of criteria and expresses it as a percentage.
http://world.std.com/~reinhold/diceware.html – Diceware is a password generator that uses a random combination of a fixed set of words to help you create a passphrase that is easy to remember but hard to crack. It’s very old-school: you must download the list and roll an actual set of dice.
https://www.grc.com/haystack.htm – this tool equates a strong password with a needle in a haystack. Plug in your password and find out how long it would take to find yours.
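An added example, not part of the original article, tying the "bits of strength" guideline to the Diceware method: it computes entropy for randomly generated secrets and picks words by simulated dice rolls. The function names and the 36-word `SAMPLE_WORDS` list are constructed for this illustration (the real Diceware list has 7,776 words, five dice per word), and the 94-symbol alphabet assumes printable ASCII without the space.

```python
import math
import secrets

def entropy_bits(choices: int, picks: int) -> float:
    """Entropy in bits when each of `picks` symbols is drawn uniformly at
    random from `choices` options. Not valid for human-chosen secrets."""
    return picks * math.log2(choices)

def picks_needed(choices: int, target_bits: float) -> int:
    """Smallest number of uniform random picks that reaches target_bits."""
    return math.ceil(target_bits / math.log2(choices))

def roll_word(wordlist):
    """Pick one word the Diceware way: k six-sided dice form a base-6 index."""
    dice, size = 0, 1
    while size < len(wordlist):
        size *= 6
        dice += 1
    if size != len(wordlist):
        raise ValueError("word list size must be a power of 6")
    index = 0
    for _ in range(dice):
        index = index * 6 + secrets.randbelow(6)  # one die, value 0..5
    return wordlist[index]

def passphrase(wordlist, n_words: int) -> str:
    """Join n_words independently rolled words with spaces."""
    return " ".join(roll_word(wordlist) for _ in range(n_words))

# Constructed 36-word sample list (two dice per word), for illustration only.
SAMPLE_WORDS = (
    "amber basil cedar delta ember flint grove haven ivory "
    "jolly knack lemon maple noble ocean pearl quilt raven "
    "salsa tulip umbra vivid wharf xenon yacht zebra acorn "
    "birch comet dune eagle fjord gecko heron inlet jumbo"
).split()

if __name__ == "__main__":
    print("5 words from 7,776:     %.1f bits" % entropy_bits(7776, 5))
    print("12 chars from 94:       %.1f bits" % entropy_bits(94, 12))
    print("5 words from 36 (toy):  %.1f bits" % entropy_bits(len(SAMPLE_WORDS), 5))
    print("words for 40 bits:     ", picks_needed(7776, 40))
    print("sample passphrase:     ", passphrase(SAMPLE_WORDS, 5))
```

The toy list shows why list size matters: five words from 36 give far fewer bits than five words from 7,776, and the formula says nothing about phrases a person makes up without a random source.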
Have your own advice for remembering or storing passwords? Let us know in the comments below.
For more information, visit our website.


Contact us:


Red Securium Pvt Limited Company
Address: Block A, A-25, Second Floor, Sector 3, Noida, Uttar Pradesh 201301
Telephone number: +91-120 429 1672
Website : redsecurium.org
Email: info@redsecurium.org
Mobile number: +91-931 991 8771
Blog: https://redsecurium.com/blog
