Whether we notice it or not, password security has become a vital part of our modern lives. We use passwords to protect things that are important to us such as our phones, computers, and even our money. So, it is only right for us to take the necessary steps required to ensure we create passwords that are strong and hacker-proof because a password is oftentimes the only line of defense that protects our valuable data.

The Reality Of Passwords

Oftentimes, many of us are overly confident of our passwords that we underestimate how vulnerable we are to cybercriminals who are willing to spend hours, weeks, and even months to crack them.

Do you know? A weak password can be cracked in seconds whilst a strong password can take hundreds of years. So, how secure is your password?

According to the Hive Systems, the advances in graphics processing technology have slashed the time needed to crack a password using brute force techniques.

Just How Strong Is Your Password?

In 2020, Hive Systems unveiled a Password Table that shed some light on the relative strength of a password against a brute force cracking attempt. This table consists of data that was based on the duration it would take a consumer-budget hacker to crack a password hash using a computer with a top-of-the-line graphics card. Two years later, they released an updated table (below) to illustrate how fast it takes for a hacker to crack your password using brute force.

Based on this 2022 table, we can see that even an 8-character password with letters (upper and lowercase), numbers, and symbols would take cybercriminals only 39 minutes to crack. Given the advances in technology in graphics card, the chances of your passwords being cracked rises exponentially each year. Knowing this, how can you and your organization strengthen password security in hopes of better securing your accounts and data?

Key Points In Creating A Strong Password

The Longer, The Better
Research shows the longer the password, the harder it is for a hacker to crack. Therefore, it is advisable to create a password that is made up of more than 14 characters.

Examples of a long password:

1. Samtosecureaxe


2. Firecatjazztocrowd

Complexity Is Key
To ensure maximum security, you are advised to create strong and complex passwords by using numbers, letters (upper and lowercase), as well as symbols.

Examples of a complex password:

1. Cruise-django-man2


2. *blurrymud4ever*

For administrative accounts, it is highly recommended to generate random passwords with at least 14 characters that have numbers, letters (upper and lowercase), and symbols and store them in a password vault.

Top 9 Password-Creating Tips To Improve Your Password Security

Now that you know about what constitutes a strong password, below are the key points to help you create a hacker-proof password to enjoy a worry-free experience:

1. Change It Periodically
   Changing your passwords every 30 or 60 days is one of the best and most effective ways to strengthen password security.
   
   With the help of a Managed Cyber Security Services provider, a company can set a schedule to make changing passwords compulsory for all its employees. It can also prevent its employees from reusing passwords by changing a few characters to create a new one.


2. Be Random, Be Unpredictable
   It is wise to create a strong password that is not connected to you in any way. Avoid using words or numbers that link to your hobbies, pets, or social life.


3. Unforgettable & Vague
   To further secure your password, make sure your password is easy to remember but difficult for others to guess. Using four or five random words is a good strategy to start. For example, RyanStarPistolTofu or SarahArtAniseCaoCao.


4. Utilizing Multi-factor Authentication
   For stronger cyber security, it is advisable to include Multi-factor Authentication (MFA) in the process of granting access to an account. This is especially true for Virtual Private Network (VPN) access, administrator account, and VIP’s account (E.g., CEOs’ accounts are usually highly targeted by threat actors).
   
   MFA is a layered approach that requires users to provide a combination of two or more authenticators (such as email OTP or app approval) to verify their identities before they can access an account.


5. Single Sign-On Implementation
   Another way to strengthen password security is to implement Single Sign-On (SSO) with a centralized user management portal, such as Azure AD, to grant or revoke access, update user policy, and monitor user activities like data exfiltration and more.
   SSO is an identification scheme that allows a user to access multiple applications and websites securely with a single identity data. This can help ease password management as users no longer need to re-enter authentication factors to access their accounts.


6. Individually Unique
   It is highly recommended to use different passwords for different accounts to avoid other accounts being compromised when one of your accounts is hacked. Hence, it is best to not use the same password for all standalone logins that do not support SSO.


7. Constant Password Monitoring
   For organizations, it is recommended to use a monitoring service to monitor whether a user’s password has been compromised. This step is vital as there are instances whereby a user reuses his or her corporate email and password for personal use, thereby allowing a threat actor to gain access to their accounts.


8. Spam Filtering
   To further increase password security, a spam filter is your friend. This solution can detect and block unsolicited, unwanted, and virus-infected emails from getting to a user’s inbox to avoid the cybercriminal to break the password instantly when these emails are clicked.


9. Password Manager
   With a large number of accounts and an even larger number of passwords and emails to remember, it is wise to utilize a password manager to manage all of the information so that a user can log in to different sites easily and securely.

With these key points in mind, creating a strong and effective password is not out of reach. Below are additional tips to help prevent you from the threat of hacking by the ever-growing cybercriminal network:

• Even though it is tempting, never write down your passwords anywhere

• Never share your password with anyone

• Make sure your devices and software are kept up-to-date

• Enter your login credentials discreetly. Be vigilant towards other people trying to obtain your passwords by physically looking over your shoulder or even recording during a remote session.

Why Choose Adventus For Managed Cyber Security Services?

Adventus offers managed cyber security services and cyber resilience, catering to businesses of all sizes. Our services equip organizations with the necessary tools, solutions, processes, policies, and best practices to safeguard their intellectual assets, financial resources, and security posture. We also provide cyber security assessments that enable organizations to evaluate their security standing, identify any vulnerabilities, and establish a starting point for enhancing their security measures.

Furthermore, our managed services come with multi-factor authentication (MFA), endpoint protection (antivirus), next-generation firewall (unified threat management), device encryption, and email security. We provide a comprehensive suite of solutions to defend against cyber-attacks and let you drastically reduce implementation efforts, cost, and maintenance requirements. Our team of skilled experts supports our clients in building cyber resilience, innovating securely, and growing with confidence. To enhance your organization's cyber security, reach out to us today!

Adventus is an award-winning Managed Services Provider, who was named the Best IT Services Provider by Singapore Business Review at the National Business Awards for five consecutive years from 2018 till 2022.