Good passwords are key to protecting sensitive information. You may be using passwords that seem strong and that fit the common password rules websites force on you. But how secure are your passwords, really?
You might be surprised to learn that most passwords under 9 characters in length can be easily broken within hours or seconds, even when they use uppercase + lowercase + numbers + symbols!
The good news is, if you add just a few more characters, the time required to crack a password jumps substantially. A 12-character password that uses upper/lowercase + numbers + symbols can take upwards of 30,000 years to break with current algorithms. See this chart, which illustrates this concept.
So, here are 5 password tips that Virtual Hallway recommends you consider the next time you are setting a password (and that you should ideally use to update your existing passwords).
Choose a password with 12 or more characters. One handy trick is to use a passphrase: pick a sentence that you like or that is meaningful to you, and then base the password on the first (or last) letter of each word in that sentence. For example, take the sentence “The rain in Spain stays mainly on the plains.” If you take the first letter of each word, you get “trissmotp”, which is a good start for now.
Adding a mix of upper- and lowercase letters, as well as special characters (e.g. #*@&#-), will significantly strengthen your password. You could even pop in your favourite typed emoji ; )
Do not include information that is personally identifying or that a hacker can pick up through your online profiles. That means nothing about the school or university you went to, your age, your pet’s name, etc.
No Old Passwords
There is a surprising amount of information that gets leaked from all sorts of websites. In fact, if you type in your email addresses to check if you’ve been pwned (click here to learn what I’m talking about), chances are at least one of them has been tied to a leak. This means that hackers may have access to your old passwords (along with other personal information). Whether you have been pwned or not, you should renew/re-create your passwords regularly and DO NOT reuse old ones. And avoid making incremental changes to the same password. That is a classic trick that all hackers know well (e.g. springtime2013, which you change to springtime2014 and then to springtime2015, etc.).
Use a Password Manager
All of these rules make passwords stronger, but you might be thinking, “How in the world can I remember all of these passwords?” In comes the password manager. Most password managers have been around for years, and the reputable ones have a strong track record and have built in a high level of security. Once you get used to it, you’ll wonder why you didn’t start using one sooner. You can find reviews of the top password managers with a quick search, but the top options typically include NordPass, LastPass and 1Password.
It is important to take your passwords seriously, especially in the healthcare field. To wrap up the sample password we started earlier, let's add more characters, upper/lowercase, numbers and special characters. So our end product might be something like “TrIsSmOtP#05”. Voila, your password just became significantly stronger!
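The tips above, written as a checker that reports which rule a candidate password breaks. This is an added example, not Virtual Hallway's code; the function names, rule labels and the idea of supplying previous passwords in plain text (as a user could do locally, since a website should only hold hashes) are assumptions for illustration.

```python
import re

MIN_LENGTH = 12  # minimum length recommended in the first tip


def _stem(password):
    """Lower-case the password and strip trailing digits/symbols.

    "springtime2013" and "Springtime2014!" both reduce to "springtime",
    which is how an incremental change is recognised.
    """
    return re.sub(r"[\W\d_]+$", "", password.lower())


def check_password(candidate, old_passwords=(), personal_terms=()):
    """Return a list of rule labels the candidate breaks (empty list = passes)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too_short")
    has_all_classes = (
        any(c.islower() for c in candidate)
        and any(c.isupper() for c in candidate)
        and any(c.isdigit() for c in candidate)
        and any(not c.isalnum() for c in candidate)  # symbols
    )
    if not has_all_classes:
        problems.append("missing_character_class")
    lowered = candidate.lower()
    # personal_terms: pet names, schools, birth years etc. supplied by the user
    if any(term and term.lower() in lowered for term in personal_terms):
        problems.append("contains_personal_info")
    for old in old_passwords:
        if candidate == old:
            problems.append("reused")
            break
        if _stem(old) and _stem(candidate) == _stem(old):
            problems.append("incremental_change")
            break
    return problems


if __name__ == "__main__":
    # Inputs taken from the article's own examples.
    print(check_password("trissmotp"))
    print(check_password("springtime2015", ["springtime2013", "springtime2014"]))
    print(check_password("TrIsSmOtP#05"))
```
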
Want to Update Your Password?
It's simple. Log in to your account, click Account -> Security -> Password Settings. Enter your Current Password and New Password and then click "Confirm Change Password". That's it! Consider activating Two Factor Authentication while you are at it to further enhance the security of your account.