Every few weeks and/or months, most of us are, by some mandatory measure, forced to change our passwords. Whether that be a work email login, something on your phone, an online account, or what have you, most are initiated to the arduous task of resetting your password, an irritable process only amplified when receiving the demeaning message of “password must contain an upper and lowercase letter and one of these *!4()-@ characters”, and then you forget the password after a few days, only to be forced to reset it again. Sigh.
But in a recent study conducted by Soax.com, they found that 60% of cyber breaches occur despite frequent password updates. They noted that the issue is embedded in weak, recycled, or easily guessable passwords, all of which hackers can exploit with advanced software tools.
“It’s essential to recognise the tools and methodologies employed by modern hackers. A routine, such as monthly password changes, might not tackle the sophisticated techniques used in cyber attacks today,” said Stepan Solovev, CEO and co-founder of Soax.
The Myth of Password Safety
In today’s digital age, you’d think users would have found the safest solutions by now, but many are at increased risk unlike ever before. According to recent studies by Cybersecurity Ventures, over 15 billion accounts are at risk, with an alarming number of them compromised due to weak passwords.
The recommendation of periodic password change is based on the logic that frequent changes in credentials will help deter unauthorised access. However, this convention is unlikely to be helpful all by itself for several reasons, the main one being user fatigue.
Constant changes can lead to password fatigue, resulting in weaker security practices, like noting down passwords or using them across multiple platforms. Additionally, continuously changing passwords instills a false sense of security and may divert attention from more conducive methods of securing accounts, such as two-factor authentication or secure password management.
But there are three robust password combinations that are statistically proven to be the hardest to crack.
Alphanumeric Mixed with Symbols: i.e., S3cUr!ty#4Ev3r
Passphrases with Unrelated Words: i.e., blue coffee mountain#jelly
The Use of Non-English Characters: i.e, 日本52語@Ninja
And if you really want to throw the hackers off, just sit on your keyboard, and whatever letters, numbers and symbols appear, voila, a new password has arrived.
Remember, don’t respond to the ‘prince’ asking for help, and stay vigilant.