Hey guys, welcome back! I do apologize, as I have not posted in months, but here I am, so “a luta continua”. Did I use that right? (I don’t really know its meaning, so kindly comment it down below.)
Anyway, today I want to touch a little on passwords, but before that I want to show you something. Below find the top 13 most used passwords in the world.
To see more, click here to find the wordlists
And this is no laughing matter: for hackers these passwords take at most 3 minutes, or even seconds, to crack. And not forgetting that this list is on the internet, and in numbers; hackers love to search for these kinds of lists to build their dictionary attack (this is a list of phrases, e.g. aaab, aabb etc.).
Hackers usually search the internet for leaked passwords to create a wordlist, like the one above. Then they choose a target and check if the target has any of those leaked passwords. Then, in a few minutes, they are in. They can do anything they like, even using your email for malicious purposes like social engineering, spreading viruses and many more. Recently it was proven that a hacker with a powerful laptop (in tech terms: Core i7, 16 GB RAM and a 2 GB graphics card) can crack an 8-character password in about 3 days, and that’s if you don’t have a password that is already openly on the internet. If your password does exist in these wordlists, then it takes less than 3 hours. And you should know a hacker can be very patient if he/she is focused on cracking the password.
Now, the question is: how do I create strong passwords that will make a hacker destroy his machine after weeks of trying the combinations?
Well, the new password standard is 16 characters, and to be on the safe side, 20. Now this is not a word-based password; it either needs to be alphanumeric or a passphrase, e.g. i.<3.my.kitty.r0zzie.2o17. Now this is a passphrase: it is comprised of the alphabet, numbers and punctuation marks. Note that this password is strong enough and is 25 characters. It will take an extremely powerful system to crack this, and it might take months; that’s a lot of electricity bills and user time, keeping the computer running 24/7.
So, to summarize: you now know the recommended standard is 16 characters, but kindly, for my sake, make it 20, as technology keeps on advancing. A point to note: NEVER use a password more than once and NEVER reveal your password to anyone, even Google themselves or whatever site/platform you are using. This is due to the ever-advancing “Social Engineering” techniques, where people are able to mask themselves as Google, telling you that you have been hacked and that they need your email address and password. These are usually lies.
Social engineering is basically using human stupidity, emotions and the urge of correction against you (look, I didn’t come up with this definition, so if something like this happened to you, just know I am not calling anyone stupid!). An example is when you tell someone 2+2=5: they will tell you no, it’s 4. In the same way, hackers will use the same trick to get real data from you: they tell you something close to the truth about you, e.g. “Do you live in South B?”, and you tell them “No, I live in South C in Mugoya Estate”. Just based on this little info and the intonation of your voice, which tells them whether you are a man or a woman, they build a wordlist with all female/male names in existence plus your location and a few things they can find in your social media accounts, like birthdays, favorite colors, food, movies and music.
I will dwell on this topic later on, as it’s a big one. And a point of advice: don’t overshare on social media sites; there could be someone gathering your data, planning to hack any and all of your accounts.
Password Creation Requirements
- More than 6 letters
- 4 or more numbers
- 3 or more special characters, e.g. . , / ” : < = – * ( % _
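The rules above, turned into an added Python example that is not part of the original post: check_password tests a password against the post's thresholds and a small constructed list of common passwords, and generate_password builds a random one that passes. The function names and the KNOWN_WEAK sample are assumptions made for illustration.

```python
import secrets
import string

# Thresholds taken from the post: 16 characters minimum (20 preferred),
# more than 6 letters, 4 or more numbers, 3 or more punctuation marks.
MIN_LENGTH, PREFERRED_LENGTH = 16, 20
MIN_LETTERS, MIN_DIGITS, MIN_SYMBOLS = 7, 4, 3

# Constructed sample only; a real check would load a full leaked-password list.
KNOWN_WEAK = {"123456", "password", "qwerty", "111111", "abc123"}


def check_password(password):
    """Return the list of rules the password breaks (empty list = passes)."""
    letters = sum(c.isalpha() for c in password)
    digits = sum(c.isdigit() for c in password)
    # Anything that is neither a letter, a digit nor whitespace counts as a symbol.
    symbols = sum(not c.isalnum() and not c.isspace() for c in password)
    problems = []
    if password.lower() in KNOWN_WEAK:
        problems.append("found in a list of commonly used passwords")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if letters < MIN_LETTERS:
        problems.append(f"fewer than {MIN_LETTERS} letters")
    if digits < MIN_DIGITS:
        problems.append(f"fewer than {MIN_DIGITS} numbers")
    if symbols < MIN_SYMBOLS:
        problems.append(f"fewer than {MIN_SYMBOLS} punctuation marks")
    return problems


def generate_password(length=PREFERRED_LENGTH):
    """Build a random password that meets every rule, using the OS CSPRNG."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    pool = string.ascii_letters + string.digits + string.punctuation
    chars = [secrets.choice(string.ascii_letters) for _ in range(MIN_LETTERS)]
    chars += [secrets.choice(string.digits) for _ in range(MIN_DIGITS)]
    chars += [secrets.choice(string.punctuation) for _ in range(MIN_SYMBOLS)]
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    # Shuffle so the guaranteed characters do not sit in predictable positions.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)


if __name__ == "__main__":
    for candidate in ("password", "i.<3.my.kitty.r0zzie.2o17", generate_password()):
        print(repr(candidate), check_password(candidate) or "passes")
```

A generated password is meant to go straight into a password manager rather than be memorized.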
Now, I know remembering is an issue, and science proves that the human brain wasn’t built for remembrance; as such, I recommend a password manager like LastPass, Dashlane or KeePass, which can store all your passwords behind a master password (which should be more than 20 characters long and unique). They have Android and desktop versions, and apart from these they also have extensions for all of the popular browsers: Google Chrome, Mozilla Firefox and Opera Browser.
And turn on two-factor authentication to prevent hacking attempts. Basically, what this does is link your account with a password and your phone, so each time you log in you will need to enter your username/email and password, then confirm through a code sent to your phone, to determine whether or not you are the account owner.
That’s it for now. Subscribe, like, comment and share. And keep calm! In the next post, I will touch on anonymity, privacy and security, seeing as the NSA and a whole bunch of organizations and people are watching our phones, laptops, internet usage, text messages, calls and chats.
Till we meet again, goodbye!