That long password isn’t necessarily keeping you better protected
How secure do you think your passwords are? Do you believe that longer is always better? Well, we have some news for you. It's time for a serious talk about password security.
New research has revealed a sobering truth – even passwords that are 15 characters long can be compromised. Yes, you read that right. It's time to face the stark reality… length doesn't always mean strength.
The eight-character password reigns supreme as the most compromised length of password. But don't breathe a sigh of relief if yours is a longer one. The 15-character password also appears in the top ten most compromised lengths.
You might ask, "How could this be?" The answer lies not only in the password length but also in the content of the password and whether you use the same password on multiple sites.
The most compromised eight-character password is none other than "password" itself, while the most compromised 15-character password is "Sym_newhireOEIE".
Doesn’t exactly feel secure.
It's not just about individual people. Businesses like yours are at high risk, too. An alarming 86% of all cyber attacks start with stolen credentials. Remember the Colonial Pipeline hack? Yep. That's nearly nine out of ten attacks. Can you afford to be complacent?
Sure, longer passwords do offer more resistance to brute force cracking. An eight-character password can be cracked in five minutes, while a good 15-character one could take up to 37 million years if it doesn't follow any obvious pattern (i.e., it’s random and uses many types of characters). Impressive, isn't it?
But remember, this is just one piece of the puzzle. Length alone won't save you from stolen credentials via phishing attacks.
Use a robust business password manager. Not only will it randomly generate long passwords for you, but it will also remember them and fill in the login box for you.
You should also use multi-factor authentication (MFA), where you generate a code on a separate device to prove it’s you. Even if cyber criminals crack your password, they won’t be able to access your data. We'll get into MFA fatigue in another blog but until then, don't approve a request you didn't make, no matter how many times you receive one.
If you need help keeping your business better protected, get in touch.