Your password is weak. Is it your birthday? The birthday of your kids? Your anniversary? Or is it password123? Consider this: It only takes 14.17 minutes to crack a nine-digit password (such as 123456789) that consists of the numbers 1-9. Using a botnet or supercomputer, that same password can be cracked in .0085 seconds. So that weak-sauced password you use for every account you have can be hacked pretty easily. And don't think if you're using a lowercase password (such as the name of your cat) that you're any better off. A botnet or supercomputer can crack an eight-character lowercase password in 1.8 seconds. So fluffers isn't your answer. What is?
In the current landscape, the only option for true security is a strong password of random characters, such as $^uI0!jvR. These types of passwords become exponentially harder to crack. At the same time, they are harder to memorize—especially when you use different passwords for every account you have. And that, my friends, is exactly what you should be doing. And in order to keep track of those passwords, you need to use a password manager.
SEE: Password management policy (Tech Pro Research)
Not only will a password manager keep those passwords locked away in an encrypted vault (one that can only be accessed with a password), most of them include strong password generators, so you don't have to come up with those random string of characters yourself.
So, when you employ a password manager you are not only able to keep all of those strong passwords safely tucked away, you can easily generate very strong passwords to use for your accounts. Everyone should turn to password managers before you find yourself on the receiving end of a hack that will cause you to lose data, or worse.
The lesson here, if you're not using a password manager to create and store strong passwords, it's not a matter of if, but when your accounts are hacked.
- Why passwords are a terrible method of authentication (TechRepublic)
- How to install and use the Bitwarden command line password manager (TechRepublic)
- How to install and use the Titan text-based password manager on Linux (TechRepublic)
- Security researchers want to force people to use different passwords for every website (TechRepublic)
- PassProtect tells you if your password has been pwned (ZDNet)
- Password managers can be tricked into believing that malicious Android apps are legitimate (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.