We use them many places in our everyday lives and in our working lives. We tend to forget them when we return from vacation. They are sometimes the source of frustration, but also of security. They can be hard to live with, but also hard to live without.
As human beings, we naturally have an urge to make things easier for ourselves. This also sometimes applies to when we are creating passwords. But do we also make it easier for cybercriminals who want our data or the data from our workplace? In this article you can read facts about passwords and perhaps get inspiration to strengthen yours.
Centre for Cybersecurity has compiled a list of typical password behavior:
- If the password must be at least eight characters long, it usually only contains eight.
- If the password must contain a capital letter, the uppercase letter is typically placed as the first letter of the password.
- If the password must contain numbers, they will most likely be placed at the end. And the number is often between 0 and 99, or an annual number.
- It is also common to change letters with numbers that look like a particular letter or are close to the letter in appearance. For example, “e” becomes “3”, “o” becomes “0”, and so on.
- In many cases, the requirement for special characters is resolved by using only one. Some characters are more popular than others. Commercial at (“@”) and exclamation point (“!”) are some of the more popular ones.
- If the password needs to be changed at regular intervals, many users choose cyclical words in the form of words for seasons, quarters, months, etc.
- Some words or numbers are very popular and are repeated in many passwords.
Among the most used passwords we find “123456”, “password”, and letter rows such as “qwerty”, which follows the order of the keys on the keyboard.
- The password is the same as the username or part of it. The password consists of names of family, friends, pets, etc.
If you must be honest – did you recognize any of the methods from your own way of creating passwords?
Luckily, there are other ways of creating your passwords, even though it might seem tempting to do as described above.
Centre for Cybersecurity suggest that you create your password with inspiration from a sentence where you combine upper- and lower-case letters, numbers, and special characters.
“The sun is shining outside today and it is very nice!”
Of course, this is a thought example so you should not use it.
Multifactor authentication can also make it harder for unauthorized people to access your user accounts. In our e-learning about IT security, you and your colleagues can learn more about multifactor authentication.
Do you want to hear more about the other modules in our cyber awareness training? Then contact us and book a demo.
You are also very welcome to call us on the phone!
A password manager is also an option if you want to avoid having to remember many advanced passwords.
It works as a kind of electronic keychain and requires you to make a very strong master password.
Remember, however, that no one has a guarantee of security – even companies that offer password managers. For example, the Australian password manager Passwordstate was hacked in April 2021.
Users were informed that the password manager had been hacked and advised to change their passwords.
To check if your passwords have been leaked, you can go to https://haveibeenpwned.com and search your user accounts.