The password: it’s what stands between your personal accounts and the rest of the world. And yet, most people don’t think much about it and change their passwords to something so easy to figure out. Then when the news breaks of a network intrusion, malware, denial-of-service attack, data breach or other major network breakdown, people are surprised at how easily this happens.

The safety and defense of your bank and other financial accounts, your email, social media, and other important accounts depend on that password, as well as how you safeguard them. Additionally, personal info from one account can be used to access a different one.

The challenge is to create strong, unbreakable passwords for each one of your accounts, and then remember them all when you need one. The stronger the password, the harder it is for anyone to bypass your login and mine your accounts for personal information.

Of course, things become complicated when you have a large number of different accounts and have multiple passwords to juggle.

Popular Passwords

Unfortunately, many people don’t take their personal IT security seriously, so they use passwords like:

• 123456
• 1234567
• 12345678
• 123456789
• 111111
• 123123
• Abc123
• Password
• Password1
• Iloveyou
• Letmein

Do you see how easy it is to access someone’s account with passwords like these?

These are some of the most common passwords to use. They’re easy to remember for the user. But they’re also some of the simplest for hackers or software programs to guess.

Brute force password crackers use repeated attempts of character combinations until it hits the right one. The longer and more complex the password, the harder it is for the program to decipher. Shorter, less difficult passwords are easier for the programs to crack and discover, accessing your account and causing a range of damage.

The Formula

Many people have a “formula” for creating their passwords. Unfortunately, they’re also pretty simple for a hacker to decipher, especially from social media accounts. In addition to the most popular passwords, users frequently incorporate terms from popular culture and sports into simple-to-hack passwords. People also use personal information such as names of children, pets, birthdays, anniversaries, and even phone numbers.  

Hackers can find this information from social media and begin trying different combinations. Eventually, they’ll succeed without too much trouble. For example, a die-hard fan of the New Orleans Saints football team is likely to use something along the lines of, “Saints1,” “DrewBrees,” “WhoDat,” or another simple related password for some, most or all of their accounts.

Because this fan makes no bones about his or her team loyalty on websites or social media, it won’t take much for a hacker to find something to start searching. The same is true for those with beloved pets, family members (especially with children), or other favorites proudly discussed anywhere online. 

Creating Strong Passwords You Won’t Forget

So, what’s the key to a good password that will keep hackers from breaking into your accounts? While no password will keep out a determined hacker, there are a few things you can do to create stronger passwords that are more difficult for the average hacker.

• Passwords should be at least 12 to 14 characters long. More digits are even better.
   
• Mix up the text—use a combination of capital and small letters, numbers, and special characters. This is harder to crack, especially on case-sensitive systems.
   
• Avoid “dictionary” words, and words in a logical order. Words like “horse” are easy, as is something like “white horse,” and therefore make an obvious term. It’s called a “dictionary attack” for a reason.
   
• Also avoid just changing up the lettering in a common dictionary word, such as “H0rse.”  A password such as “White&H0rse234” may be OK, but it’s still on the obvious side. Consider something more secure such as “$White&Horse%234”  or “$The*Horse%Is#White-234” It may be more difficult to remember that way, but it’s infinitely easier than a randomly generated password.

Using anything that isn’t obvious, along with more characters, numbers, and symbols, will strengthen your password considerably. It’s also best not to re-use a password on more than one site.

Another way to create difficult passwords is to consider abbreviating sentences along with symbol characters. Using the example of the Saints fan, a password with the initials of “The Saints Won the Superbowl In 2010” becomes “TSWTSBI2010!!*.”  It won’t make much sense to most people, but the die-hard Saints fan knows it easily.

Password Managers

Another solution is to engage a password manager. This is a program that holds all of your passwords secure and can also generate a very difficult password on demand. While you’ll need a master password to access all the information contained in the manager, you’ll use the same premise for a strong password when you create it. From there, all of your passwords are in one place at one time.

The encrypted software service stores all of your login information that you use to access websites, mobile devices, and other services where you are required to log in. You can manage your credentials across all of your devices, and auto-fill forms in browsers, and sync all the information across your devices. Your passwords and other sensitive data are kept safe.

CNET offers a review of several free and paid password managers, for desktop and mobile, for both iOS and Android platforms.

Another way to manage your passwords: pen and paper. Seriously—keeping passwords written in a small notebook or on something else physical like Rolodex cards (yes, people still buy use them) and put away, preferably in a locked space, can also offer safety as well as a backup record.

Don’t Give Out Your Passwords

If you think you’re keeping your passwords to yourself, you’re probably wrong.

It’s the one thing we can’t emphasize enough: nobody needs your passwords. If you’re being asked for a password, there’s a good chance something isn’t kosher.

Another way you unwittingly give out your passwords: those fun lists on Facebook that ask things like your middle name, your dog’s name, your cat’s name, your mother’s maiden name, the street where you grew up, your favorite sports teams....you get the idea. Filling out that bullet list on your page or anyone else’s page is nearly always a complete list of all your passwords. Don’t do it, no matter how many times you’re tagged.  

Other Password Dont's

Users who leave their password for their company sign-in on a sticky note pasted to their monitor horrify IT people. But it’s done every day, even by executives. It’s just not a smart idea, even if it’s a really good password.

If you must write down your password on a sticky pad, at least leave it in a locked drawer or cabinet so you can retrieve it when you need it. Even in a secured building, it’s so easy for someone with ill intent to use your login to access the company network from behind the firewall.

Working Towards A New Or Improved SAP Career

Now is a great time to start or further your SAP career.  Michael Management has helped more than 300,000 people change their careers by training and becoming SAP certified. Our YouTube channel has 75 videos on tutorials, intros, and instructions on SAP so you can see more before jumping in.  Contact us to find out how you can learn SAP for a new, competitive career.