Using Strong Passwords and a Password Manager

xkcd comic on password strength
Chart describing password entropy and how long it takes to brute-force.

Why should you use strong, complex passwords?

  1. Protection from Cybercriminals: Strong passwords make it difficult for hackers to access your information. They use techniques such as brute forcing, where they try numerous passwords until they find one that works. The more complex your password, the longer it will take for them to crack it.
  2. Safeguarding Personal Information: Complex passwords are particularly essential when it comes to protecting sensitive personal information, such as your banking details, contact information, social security number, etc.
  3. Preventing Identity Theft: If your password is simple and easy to guess, criminals could potentially gain access to your personal information and impersonate you, leading to identity theft.
  4. Protecting Confidential & Professional Data: If you use simple passwords for your work or business accounts, you risk exposing confidential and professional data.
  5. Providing a Line of Defense: Even if a company you have an account with has less than stellar security, your strong password can still act as a robust line of defense against potential attacks.

For these reasons, it’s advisable to use a mix of uppercase and lowercase letters, numbers, and special characters in your passwords, and avoid using obvious information like your name, birthdate, or ‘password123’. It’s also a good practice to change your passwords regularly and avoid using the same password for different accounts.

Reusing passwords is a security risk for several reasons:

  1. Single Point of Failure: If a single account with the reused password is compromised, then all other accounts using the same password are also at risk. This can potentially give hackers access to your entire digital life.
  2. Data Breaches: Passwords reused across multiple sites are particularly vulnerable. When a data breach occurs at one website, the breached username-password combinations are often tested on other popular sites to see if they work.
  3. Automated Attacks: Cybercriminals use tools that automate login attempts on multiple sites using stolen credentials, an attack often referred to as ‘credential stuffing’.
  4. Predictability: If you’re reusing similar patterns, it might make it easier for someone to guess what your password could be.
  5. Increasing Value of Information: The more services we use that are integrated (social media, financial services, etc.), the higher the potential for damage if the password is discovered.

To enhance security, it is recommended to use unique and strong passwords for each account. Using a password management tool makes it easier to handle multiple complex passwords.

Top 10 Passwords of 2022

Rank  Password   Time to Crack in 2022
1     Guest      10 seconds
2     123456     < 1 second
3     password   < 1 second
4     12345      < 1 second
5     a1b2c3     < 1 second
6     123456789  < 1 second
7     Password1  < 1 second
8     1234       < 1 second
9     abc123     < 1 second
10    12345678   < 1 second

Nord VPN Top 200 Password List

Q: How do I keep track of many different complex passwords?
A: Password Manager!

A password manager is a tool or software application that stores and manages all your passwords for online accounts in an encrypted format. It provides a secure way to create, handle, and access complex and unique passwords.

Here are a few key features and functions of a password manager:

  1. Secure Storage: It securely stores your passwords and other login credentials in an encrypted form. This prevents anyone from stealing your credentials even if they gain access to your devices.

  2. Autofill: It can automatically fill in your passwords on websites and apps when you’re logging in, saving you the trouble of typing them in every time.

  3. Password Generation: Many password managers will generate strong, random passwords for you, enhancing your online security.

  4. Cross-Platform Synchronization: Password managers typically support multiple devices, so your passwords are available whether you’re using a computer, smartphone, or another device. They sync your credentials across all your devices too.

  5. One Master Password: You only need to remember one password to unlock your password manager. All your other passwords are stored inside.
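
The "Password Generation" feature and the brute-force point made earlier, sketched as an added Python example (not part of the original page and not any particular password manager's code). It draws characters from the operating system's secure random source, reports the resulting entropy, and estimates exhaustive-search time; the guess rate of 10 billion per second is an assumption.

```python
import math
import secrets
import string

# Character classes recommended in the article: upper, lower, digits, special.
CLASSES = [string.ascii_uppercase, string.ascii_lowercase,
           string.digits, string.punctuation]
ALPHABET = "".join(CLASSES)  # 26 + 26 + 10 + 32 = 94 symbols

# The article's "Top 10 Passwords of 2022" table, lower-cased for comparison.
COMMON = {"guest", "123456", "password", "12345", "a1b2c3",
          "123456789", "password1", "1234", "abc123", "12345678"}

GUESSES_PER_SECOND = 1e10  # assumed offline attacker speed, not from the article


def generate(length=16):
    """Return a random password containing every character class."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every character class")
    while True:
        # secrets draws from the OS CSPRNG; the random module is not suitable.
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        # Rejection sampling keeps the surviving passwords uniformly distributed.
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on entropy; valid only for uniformly random passwords."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(bits, rate=GUESSES_PER_SECOND):
    """Time to try the whole keyspace at `rate` guesses per second."""
    return 2 ** bits / rate / (365 * 24 * 3600)


def is_common(password):
    """True if the password is on the article's top-10 list."""
    return password.lower() in COMMON


if __name__ == "__main__":
    pw = generate(16)
    bits = entropy_bits(len(pw))
    print(f"{pw}  ~{bits:.0f} bits, ~{years_to_exhaust(bits):.1e} years to exhaust")
    print("Password1 on the common list:", is_common("Password1"))
```

The entropy figure applies only to randomly generated passwords; a human-chosen password of the same length and character mix is far more predictable.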

* Queens College does not directly recommend a specific password manager at this time. We highly recommend that you use one, but different managers may work better for different situations.