Notebook SecurityOne of the biggest threats to your business’s internet security lies in your passwords. No, hackers don’t simply sit around guessing passwords; they use complex computer programs which can make billions of attempts to crack your password in a very short amount of time. For example, assuming a program can make 100 billion attempts at a password in one second, this is how long it might take to gain access to your website or computer system:


  • For a password of six random lowercase letters – less than one second
  • For a password of eleven random lowercase letters – around eleven hours
  • For a password of eleven random lowercase and uppercase letters – two and a half years
  • For a password of eleven random lowercase and uppercase letters, plus symbols and numbers – 500 years


In order to create hacker-proof passwords and protect your business operations, keep these ten rules in mind:


  1. Don’t use personal information for your password, like the name of a child. This information can be gathered quickly from social media sites (or if the hacker knows you personally).
  2. Don’t use generic passwords like “querty”, “password”, or “123456”. These are extremely common and are amongst the first ones hackers will try.
  3. Don’t use words found in the dictionary. Hacker software will try common words first. Substitutions, such as a 3 for an E, won’t fool them, either.
  4. Use a long password of at least 11 characters.
  5. Use a combination of lowercase letters, uppercase letters, numbers, and special symbols like * or &.
  6. Make it easier to remember by using a phrase, instead of just one word, as the base of your password. Or, you can use the first letter of each word in a long memorable phrase.
  7. The more complex the password, the better. If you need to remember several passwords, add an unrelated phrase to the end of each of them, such as B12! or M&M5.
  8. Change your passwords regularly. To keep track of how old a password is, you could add characters which designate the date you changed it, such as Mar2014, Apr2014, and so on. This also adds complexity to your password.
  9. If you have too many passwords, use a secure system such as LastPass or RoboForm to remember them for you. Then you only have to recall one master password.
  10. Test your password’s security with Gibson’s Research tester.