Most tech users and data protection enthusiasts must have heard about some of the multiple methods used by hackers to decrypt passwords, the surprising thing is that even with all this information at hand, millions of people around the world are still using really insecure access keywords (such as ‘1234’ or ‘password’) just because they are easy to remember.
Online platforms have had to force users to use more complex passwords, requiring them to include uppercase, lowercase, numbers and special characters although the recently published guide from the National Institute of Standards and Technology (NIST) and the FBI states that the security of a password lies in its length rather than its complexity in using character combinations.
Therefore, to ensure data protection in your online accounts, it is best to use a long phrase, rather than random words alternated with special characters. In addition, a long sentence may be easier to remember than a string of characters without an apparent order.
This is not the only data protection tip provided by the NIST; other recommendations for the secure use of passwords in enterprise environments are summarized below:
- All employees must use passwords or passphrases longer than 15 characters. You can omit the use of uppercase, lowercase, or special characters
- Reset passwords only if there are sufficient reasons to suspect that your network has been compromised
- Ask your organization’s IT team to contrast employee passwords with previously compromised password blacklists
- Do not allow the use of automatically suggested passwords by the system
Regarding the use of passwords for multiple platforms, there are better ways to access it than using the same keyword for two or more sites. There are currently multiple password management tools that help users use secure and unique keywords for each website or work platform they use.
If you choose to use one of these tools, the only password you need to memorize is that of the password manager. One possible disadvantage is exposure to brute force attacks, although devising a strong password for this tool will suffice to protect yourself from this variant of hacking.
He is a cyber security and malware researcher. He studied Computer Science at Miami and started working as a cyber security analyst in 2008. He is actively working as an cyber security investigator. He also worked for security companies like Cisco. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.