Table of contents
Start for free
Why you need a strong passwordLearn why having a strong password is a must to protect your online data.
Whether you are signing up for a new email service or logging into your bank account, you will almost always be prompted to select a password. We constantly deal with the hassle of creating a completely new password, remembering an old one, as well as the long frustrating process of forgetting a password and having to follow a labyrinth of instructions to create a new one.We all know we should be creating strong password: Weak ones are easily guessed, which could leave our data exposed to hackers and criminals. However, before switching to better practices or using strong passwords, we need to actually know what constitutes one. As part of a series of privacy 101s, we at Skiff are going to share how to make a strong password across all your accounts and visited sites.
Why a strong password is importantThe first question you might be asking is why is a strong password is necessary. Yes, lots of slightly annoying online prompts require numbers, special characters, or capital letters, but the math behind different attacks showcases exactly why strong passwords are so important for everyone’s online security.When you use a weak password from “abcdefg,” “123456”, “password,” or some easily guessed combination of your birthday and home address, you leave yourself open for hackers and criminals to easily access your accounts using a number of exploitation methods.Hackers can guess weak passwords through several common methods, including:1. A brute force attackA brute force attack is an attack that relies on either manual or automated trial and error to guess your password. If a hacker has found out that you are a car enthusiast and your favorite model of car is a Ferrari, they might try enter variations of passwords including the word “Ferrari,” such as “Ferrari1,” “Ferrari123,” “Ferrari12345,” in an attempt to access your account.Brute force attacks are always automated today, and sophisticated brute force algorithms may combine other information about you or your account, such as the service name, your birthday, or other properties.2. A dictionary attackA dictionary attack is a slightly more sophisticated form of a brute force attack. In a dictionary attack, sophistiated hackers program a malicious software to run through hundreds, if not thousands, of variations of common words or passwords in an attempt to guess your password.The weaker your password the easier it is for an attacker to guess your password and access your account.3. Social engineeringSocial engineering refers to hackers pretending to be someone from a trusted and legitimate organization, such as pretending to be someone from your bank or impersonating a fellow co-worker.Hackers will try to gain your trust and then use information you share to guess your password and nefariously access your information and online accounts. They may also try to contact the service and convince them to reset your password or share additional account information.Beyond the information above, there are many other ways hackers can guess your password. However, by following a few simple steps, you can create a strong password and significantly improve the chances that hackers will fail to steal your information and access your accounts.
Constructing a strong passwordThere are several basic rules you should follow when trying to create a strong password. These include:
1. Always use a unique password for each of your accountsWhen signing up for a new service, you should never use a password you have used for a previous account. If a hacker guesses one of your other passwords, or your password is exposed in a data leak, other accounts that share a password with the breached account will also become vulnerable to exploitation by the hackers and other criminals.This is why you should always use a different password for each of your accounts. This will make sure that each account is securely protected even in the case when one of your accounts does become the victim of a hacking attempt.
2. Your password should be at least 12 charactersShorter passwords are, unsurprisingly, easier for hackers to guess, This is why you should always make your password at least 12 characters in length.Longer passwords are sometimes harder to remember, so we highly recommend using a password manager or secure storage mechanism for your accounts. A long password is no help if you forget it and are locked out of your account
3. Make sure your password includes letters, numbers, and special charactersYour passwords should always include a combination of upper and lower case letters, specical characters like “*” or “&”, and numbers. This combination will make it hard for hackers to guess your passwords using brute force attacks or other forms of attacks that rely on guessing a large number of password combinations.On a basic mathematical level, going from 26 letters, to 52 uppercase/lowercase letters + 10 digits + 10 special characters for every character in your password, the number of possible passwords increases significantly (if you have 12 characters, over 10^22 possible passwords).
ConclusionIn conclusion, having a strong password is a necessary way to prevent hackers from accessing your accounts and stealing your sensitive data and information. There are several easy steps you can take to create a strong password, such as making your password at least 12 characters, including letters, numbers and special characters, and never reusing passwords across multiple accounts.Taking these proactive steps to create a strong password will make your online accounts safer and keep hackers and criminals out of your life for good.
Arpeet KaleWhat is a tracking pixel?How do tracking pixels optimize marketing and emails while invading user privacy?
Andrew MilichWhat is a wallet recovery phrase?Tens of millions of people use browser-based crypto wallets. How can recovery phrases be used to recover, transfer, or safeguard funds?
Andrew MilichWhat is encrypted email, and is it secure?Encrypted emails are a necessity for privacy and cybersecurity. Learn everything you need to know about using encrypted email providers and other good email security practices.
Skiff TeamHow to Protect Your Data, Identity, and Business OnlineSecurity risks are constantly present on the internet. Here are some much-needed tips to protect you and your business.
Peter LuHow to add a shared custom domainYou've set up your Skiff workspace with your team. How can you add a shared custom domain?
Andrew MilichQuick guide: Get your custom domain set upHow can you add a custom domain to your Skiff account? Learn more in this guide.
Andrew MilichEmail marketing and tracking privacy protectionYour email inbox is home to your most sensitive personal and professional communications. Yet, emails are constantly exposed to invasive trackers, spam, and phishing. How can you protect your email?
Andrew MilichBlock trackers and remote content on Skiff MailStarting today, all Skiff Mail users on every plan can disable remote content loading by default in their inbox.