Our Senior Developer, Andrew Markham-Davies gives some helpful advice on how to stay secure online…
10 minutes.
That’s all the time it takes for a brute force attack to crack your password if it contains up to six lowercase letters.
Now that’s pretty damn quick.
Add a few more letters and some upper case characters to your password and you’ve just increased the time it would take to crack to over a year. And you’d have to be very determined to spend that kind of time hacking a site!
Having a secure presence on the web is more than avoiding the word “password” as your password to secure your personal data (although, “password” IS the most popular password in use!) It’s all about taking basic steps when building websites and online applications to protect your company, and the data of your users.
Both web users and online companies need to do their part to ensure the highest level of protection of our data.
As users, we can make our passwords hard to crack so that brute force attacks are more likely to fail. As builders and owners of websites, we need to ensure that when we get our users’ data, we take all steps needed to protect it from scamps who might want to steal it.
Luckily for the website user, it’s not difficult to make sure your details are as safe as possible online, you just need to stick to a few simple rules…
- Don’t use dictionary words for passwords. Any hacking programs will go through dictionary words first in an attempt to hack into accounts. So keep clear of names, days of the week and greetings
- Avoid any obvious keyboard combinations, such as 123456, 098765 or qwerty, as these are also the first combinations a hacking program will try
- If you need to use something that’s memorable, mix it up with upper and lowercase letters and numbers. For example, “molly” is a weak password (4% on password strength scores), but “M011y1983″ scores 100%. Much, much stronger but still easy to remember (assuming the 1983 means something significant)
- Rate your own passwords online to check their strength
- If you’re having issues with coming up with a strong password, use a generator such as this . It will help you generate a strong password, which will avoid all the most popular words and combinations to ensure your password is secure
- Finally, don’t use the same passwords for all your accounts. This can be tricky, as no one wants to remember several different passwords along with everything else we have to remember in our lives, but taking the time to do this can pay off. Plus, saving the hassle of changing all your passwords because one online service got hacked/compromised, will be more than worth it in the long run
So much of our lives are now managed online, from the money in our banks to our social connections. With so much at stake, taking the time to observe some simple guidelines is time well spent.
At Turn Key we take the security of our clients very seriously. My job is to make sure the basics in web security are not missed out, from taking daily database back-ups of our clients’ content, to ensuring our clients are provided strong passwords to administer their CMS areas. I make sure we are doing our part, in making the web secure for our clients and their customers.