One of the biggest threats to your business’s internet security lies in your passwords. No, hackers don’t simply sit around guessing passwords; they use complex computer programs which can make billions of attempts to crack your password in a very short amount of time. For example, assuming a program can make 100 billion attempts at a password in one second, this is how long it might take to gain access to your website or computer system:
- For a password of six random lowercase letters – less than one second
- For a password of eleven random lowercase letters – around eleven hours
- For a password of eleven random lowercase and uppercase letters – two and a half years
- For a password of eleven random lowercase and uppercase letters, plus symbols and numbers – 500 years
In order to create hacker-proof passwords and protect your business operations, keep these ten rules in mind:
- Don’t use personal information for your password, like the name of a child. This information can be gathered quickly from social media sites (or if the hacker knows you personally).
- Don’t use generic passwords like “qwerty”, “password”, or “123456”. These are extremely common and are amongst the first ones hackers will try.
- Don’t use words found in the dictionary. Hacker software will try common words first. Substitutions, such as a 3 for an E, won’t fool them, either.
- Use a long password of at least 11 characters.
- Use a combination of lowercase letters, uppercase letters, numbers, and special symbols like * or &.
- Make it easier to remember by using a phrase, instead of just one word, as the base of your password. Or, you can use the first letter of each word in a long memorable phrase.
- The more complex the password, the better. If you need to remember several passwords, add an unrelated phrase to the end of each of them, such as B12! or M&M5.
- Change your passwords regularly. To keep track of how old a password is, you could add characters which designate the date you changed it, such as Mar2014, Apr2014, and so on. This also adds complexity to your password.
- If you have too many passwords, use a secure system such as LastPass or RoboForm to remember them for you. Then you only have to recall one master password.
- Test your password’s security with Gibson’s Research tester.
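
The brute-force estimates and several of the rules above can be combined into one small checker. This is an added example, not part of the original article: the word lists are constructed samples, and the 32-character symbol set is an assumption (the article does not say how many symbols it counts, so the estimate for that case varies with it). The time estimate is the worst case for a truly random password; a dictionary word falls far sooner, which is why the rule checks run separately.

```python
import string

GUESSES_PER_SECOND = 100e9   # attacker speed assumed in the article
MIN_LENGTH = 11              # minimum length recommended in the article

# Constructed sample lists; a real checker would load far larger ones.
COMMON_PASSWORDS = {"qwerty", "password", "123456"}
DICTIONARY_WORDS = {"elephant", "sunshine", "welcome"}
# Undo look-alike substitutions such as 3 for E before the dictionary lookup.
LEET = str.maketrans("0134578@$!", "oleastbasi")

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(password):
    """Combined size of every character class the password draws from."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def seconds_to_exhaust(password):
    """Worst-case time to try every password of this length and alphabet."""
    return alphabet_size(password) ** len(password) / GUESSES_PER_SECOND


def check(password):
    """Return the list of rules from the article that the password breaks."""
    problems = []
    lowered = password.lower()
    normalized = lowered.translate(LEET)
    if {lowered, normalized} & COMMON_PASSWORDS:
        problems.append("generic password")
    elif normalized in DICTIONARY_WORDS:
        problems.append("dictionary word")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 11 characters")
    if sum(any(ch in c for ch in password) for c in CLASSES) < len(CLASSES):
        problems.append("missing a character class")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ("qwerty", "El3phant", "abcdefghijk", "tR7&kq!Zw2#pLm"):
        years = seconds_to_exhaust(pw) / (365.25 * 86400)
        print(f"{pw!r}: {years:.3g} years worst case, issues: {check(pw)}")
```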