We have all been told how to keep our passwords safe a thousand times. Keep it long, keep it complicated, and don’t use the same password more than once.
But how many of us can really say that we follow these rules like we are supposed to? The reality is that the vast majority of us are not following correct password management.
It may feel like everything is fine, but not taking password security seriously can leave you open to stolen passwords and brute force entry attacks.
The Risk is Very Real
How many people don’t wear a seatbelt and then get into a car accident? There are probably good statistics about how many people thought “I should have used my seatbelt,” as they were flying out of their vehicle. That’s how it can feel when you try to log into an important account, and realize that you no long have access.
“I should have taken my password more seriously.”
It is shocking how much damage someone can do with one password. Through identity confirmation and other tactics it can be relatively easy for a stolen Facebook password to lead to financial problems down the road. These attackers are good at accessing exactly what you don’t want them to.
The scariest part is that one of the most common attacks takes almost no effort from the attacker.
What is Brute Force Entry?
A brute force entry attack is an extremely common way that accounts become compromised. This attack is exactly what it sounds like, an attack that is using mere force to try and crack your code.
This is completed with a computer crunching passwords in at an alarming rate. Imagine a brute force entry attack as a computer program that is trying to guess your password. This program is loaded up with common password dictionaries, frequent word combinations, and more to help it break your code.
This program will enter thousands of attempts at rapid fire until it eventually cracks the code. If you had a 4 digit pin code then it’s the equivalent of letting your computer enter 0-0-0-1, then 0-0-0-2, 0-0-0-3, and so on until it gets the code right.
An attacker doesn’t have to do much more than run this program on someone until it cracks the code. This is one of the scariest things about this kind of attack: it takes almost no effort and is extremely effective.
How to Stop Brute Force Entry
The best, true way to solve brute force entry attempts is common password security tactics. We know that we said up top that we have all seen the rules more times than we can count. But we want to emphasis how just following these rules can help!
Let’s give an example of a good password and a bad password that are both following the common password rules.
Let’s say that the first password is a common type of human created password that they think is strong. The second password will be generated by a password generator.
Both passwords will also follow the same rules:
- Use combinations of letters, numbers, and symbols
- Use at least 1 capital letter
- No repeating characters
- Be at least 16 letters long.
Now, which password do you think will be more difficult for a computer to break?
Example Password 1: FamilyVacation2019!
Example Password 2: 9\Dgx*YA~v9R'N^y
Which password do you think will be easier for a computer guess? The second password is actually 3 characters shorter, but will provide significantly more protection than the first.
It’s very hard for humans to come up with things that are truly random. Brute force attacks rely on this by using the common patterns that humans use when we write or type. The computer is able to generate something truly unique.
Managing Password Safety
There is no way that you are going to be able to remember that example 2 password. This will only become even more impossible as you have to keep different passwords for each and every login credential.
This is why we highly recommend using a password manager. Password managers are great tools to keep all of your complicated passwords saved in a safe, and encrypted place.
The combination of a strong password created by a password generator, and numerous different complicated password combinations kept inside your password manager is a great way to stop brute force entry attacks!
Implement these tips into your cyber security plan today!