When it comes to passwords, many of us fall prey to keeping things easy and familiar. The bottom line is we don’t want to use complicated, hard to remember passwords for our email or anything else. We want to keep using our last name, our dog’s name, our first name and birth year, or something else that may be unsafe but it’s easy to remember.
In this day and age, we hear more and more about hacked and compromised accounts which lead to spam emails, confusion, lost money, and even identity theft. There is too much at stake and it’s far too easy for hackers to guess easy passwords.
How Long Does It Take To Crack Passwords?
Hackers trying to compromise passwords don’t always have to work on them for months and months to “crack” them. Sometimes it only takes a few minutes using their software programs. Here’s a chart showing how long it will take a hacker to guess various passwords:
|Password Length||Time To Crack||…with special characters|
|9 Characters||2 minutes||2 hours|
|10 Characters||2 hours||1 week|
|11 Characters||6 days||2 years|
|12 Characters||1 year||2 centuries|
[Jeff Atwood; 2018 times with the latest GPU processors; password length means characters A-Z (upper & lower) and 0-9]
Obviously passwords shorter than 9 characters will take much less time to crack. So changing passwords (even changing them often) does not by itself make you more safe from having your password hacked. The key is making it longer and adding special characters!
What Does It Mean To Get Hacked?
Getting hacked means your password or other personal/financial information has been found out by someone. Your information could have been captured by a spyware/virus embedded in your computer or by someone on the other side of the earth using a software program that “guesses” passwords for a particular account until they find the right one.
Going to unsafe websites, downloading “free” software, using the Internet without protective software (anti-virus, firewall), not updating your operating system software, or using unsecure passwords puts you at greater risk of being hacked. They are like going to dangerous neighborhoods where crime is more likely to happen, leaving your home or car noticeably unlocked, or leaving a key in a very guessable place (like “under the door mat”).
What Happens If You Get Hacked?
It depends which account gets hacked and what information is collected. A Facebook account being hacked or information being gathered about your latest web searches is a different situation than your email account being hacked or financial information being compromised.
- If social accounts, like Facebook, get hacked, the hacker may create a duplicate identity and try to get your friends to connect with this new identity so they can post ads and links that might be fake, dangerous, or otherwise misleading. There is little risk to your actual information.
- If hackers get your email password, they will likely use your email to send spam to hundreds or even thousands of addresses. If this happens, you are likely to get a bunch of messages from “mailer-daemon” saying your messages were rejected. Running a virus scan and changing your email password will resolve this.
- If hackers get your credit card, social security number, or other personal/financial information, then there is a risk of unauthorized purchases, credit cards being taken out in your name, and identity theft. The damage can cost you hundreds or thousands of dollars and take months or even years to resolve.
- Hackers can start using your accounts/information immediately after compromising you or they could sit on your accounts and passwords for months (or longer) before using your information so you don’t realize you’ve been compromised.
You may or may not see any evidence of being hacked. If you get returned emails that you do not recall sending or hear of someone telling you that “you re-friended them on Facebook” then you are likely compromised. Other types of hacking may be less noticeable as they try to stay hidden and undetected.
So What Should You Do?
Having good passwords for all of your online accounts is the first step. By good passwords, we mean passwords that are at least 10 characters in length and include at least one special character (#, $, %, *,. &, !, etc.). One great way to have strong, secure passwords but without having to keep track of them is to use a password management program like Password Genie or Last Pass. Password Genie is a program that is included with our Internet service under the “Tech Home” package. It can generate secure passwords for you and then store and fill them in as needed. Here are some screen shots of Password Genie:
If you would like to come up with secure passwords but are not interested in using password management programs, then we recommend getting a paper address book, writing down all the companies and websites with which you have an online account and then come up with a unique password for each, write them in the address book and go change them online.
Techniques for stronger passwords:
- repeat a word or phrase to make a short password longer (e.g. “PackersPackersPackers” instead of “Packers”)
- replace key letters with numbers or symbols (e.g. “MOR3$ECUR3” instead of “MORESECURE”)
- use a phrase run together instead of a word (e.g. “mydogsnameissweetie” instead of just “sweetie”)
- add a special character to the end (e.g. “strongpassword!” instead of just “strongpassword”)
We hope this information helps you become more secure online!