Day 1/7 Passwords… No Longer Safe
Welcome to Day 1 of the ChatFortress Cybersecurity crash course.
Today we’re talking about password do’s and don’t. And how your password may already be compromised, and you didn’t even know it!
81% of hacking-related breaches leverage stolen or weak passwords!
This means that 8 out of 10 cyber attacks use your passwords or the usernames and passwords of an employee to compromise your system. This is one of the many reasons why it’s hard to detect cybercrimes. Hackers impersonate you to log into your “secure systems.”
Don’t use passwords – use this instead
Passwords used to be the primary method to keep things secure. But with password cracking software that allows you to crack over 1 million passwords in 1 minute, times have changed. However, our password habits haven’t changed with the times.
39% of people use the same password for multiple accounts. If you’re using the same password for various services, you’re making it easier for hackers to steal your identity and possibly your money.
Short passwords are no longer safe. When I say short, I mean less than 12 characters. Your optimal passwords should now contain 12-15 characters. I’ll tell you exactly how you craft these passwords in a minute.
There’s even a wiki article that explains the top 100 passwords people use!
Yes, that means “password” is not a secure password. LOL
Passphrases NOT Passwords
Instead of passwords, you need to use passphrases.
A password is generally just a word. Short and to the point. This includes words where you replace the letters with numbers or add numbers to the end of the word.
A passphrase is a phrase made up of multiple random words, spaces, and any other special characters or punctuation you like. Yes, your passphrase can contain words, but it’s more random.
Like “Dogs Chase Mice” this is a 15 character passphrase. This passphrase also contains capital letters and special characters being the “spaces”.
- Pink Mice Chicago
- Fat Alligators Treadmill
- Crunchy Mango Sunshine
Are you starting to get the idea?
You can increase the complexity of this passphrase by adding digits to something like this.
“D0g5 Ch453 M1c3”
Are you starting to get the idea of how to use a passphrase?
What’s interesting is that passphrases are easier to remember than passwords. You can create a series of these passphrases based on the services you are using. This allows you to have a different one of every service, yet not having the same one for any service at all, which is the ultimate protection.
Tips for Creating Passphrases
- The goal is to create a length of 12-20 characters using random words that would not be commonly used in a sentence.
- It’s ok to use more than 3 words. “Dogs Chase Fluffy Phat Mice” Using 3 to 6 words will increase the time it takes to crack your passwords. Anything longer than 12 characters will take a computer days or weeks to crack.
- Try to choose random unrelated words. Don’t use words that have an association with you, your work, or your family. The more random, the better.
- If you prefer a method for passphrase creation, try the Diceware method was developed by Arnold G. Reinhold. For more information: https://cfid.co/OirEBadFc
Passphrases with six words?
Playing the Cybersecurity Game
Cybersecurity is a game of risk reduction. This means increasing your security to the point where the opportunistic, script kiddie and average hackers will move onto someone else who is an easier target. Hacking and social engineering is a game of numbers. Hackers usually work in bulk. This means hackers try to crack 1 million accounts at a time not one.
Cybersecurity is like that joke of outrunning a tiger. You only need to beat the person next to you to survive.
Regardless of the method you use, once you start using passphrases with 3 to 6 words with at least 12 characters, you’re increasing your password strength.
Yes, you can use more than six words if you want, but unfortunately, most systems have a limit of the password length. This means you need to adapt to the restrictions of the service you are using. There will be times you can only use 3 words and times you can use six words. Just always make the words random.
Bonus Tip for Passphrase Inspiration
There is a great site called https://what3words.com, which turns street addresses into three random words. It’s a great website for inspiration. An additional benefit is that your phrases can also be locations of meaning to you. This can help your random passphrases have context for remembering.
Random is the secret here. It’s important to keep things random. If you use phrases or words that go together, your passphrase becomes easier to crack. Don’t be predictable.
Review your passwords, and start changing them to passphrases.
Update the following passwords today and ensure they are all different passphrases.
- Your personal email account.
- Your work email account
- Your bank account login
- Your telephone account login
Commit to updating your passwords to passphrases over the next 30 days. As you login to a new service each day, change the password.
If you have any questions about this lesson, just reply to this email, and I’ll get your questions answered.
P.s If you’re already thinking about how do I remember all of these new passphrases, don’t worry, I’ll share some resources to help make life easier.
Your Cybersecurity Expert
p.s Are your passwords already compromised and available to hackers?
That’s right when a data breach happens. Your usernames and passwords are published on the dark web and available for hackers. ChatFortress has created a complimentary hacked dark web scan to alert you to your compromised accounts. Complete your hacked dark web scan today at https://chatfortress.com/hacked
p.p.s At ChatFortress, we help small to medium size companies protect themselves from hackers and reduce their cybersecurity risk. If you would like to know how you can reduce your risk of ransomware, data breaches and malicious email frauds call us today (307) 999-7755
Who is ChatFortress
ChatFortress is a leading cybersecurity company that is helping small and medium-size companies protect themselves from hacking attempts. Using Cybersecurity AI, Gamified cybersecurity awareness programs and providing virtual security analysts. Our goal is to help you create a cybersecurity aware culture.
ChatFortress Email Guardian is the Ultimate Anti-phishing Program as it Detects and Mitgates Email Phishing Attacks in 3 seconds using A.i Real-Time Inbox Scanning for Phishing Prevention!
Helping you verify the device and the person you’re sharing wire information with via our secure chat platform. When you need to validate the person you are sending information you need ChatFortress communication. To speak with a ChatFortress Agent call (307) 999-7755. If you want a demo you can Schedule a ChatFortress demo here.
Has your username, password or PII data been exposed to hackers on the darkweb?
Complete your FREE scan using our Hacked Scan Tool which scans over 11 Billion compromised data records and the darkweb to see if your data has been exposed to hackers. We will tell you exactly which third party services exposed your data and what you can do about it. Complete your free scan now it only takes 30 seconds!
Discover secrets to social engineering scams hackers use to steal your data and money with the 7 Day Cybersecurity Crash Course
The ChatFortress Free 7 Day Cybersecurity Crash Course will give you cybersecurity insider secrets on how to protect yourself from hackers. The 7 Day Crash Course is one email a day for 7 days and will cover password cracking skills, social engineeing scams, how to detect phishing emails, how to protect yourself from attack and current threat trends. Sign up today to unlock these insider secrets.