Friday 2 August 2019

6 Misconceptions About Passwords You Might Have

Guest Post by Techwarn

Do you take a cursory glance at your phone only for it to be unlocked as fast as possible, all thanks to the new facial unlock technology shipping with smartphones today? As a tech teacher who’s in touch with the most forefront development in the industry, you might think that password technology is heading out the door soon.
You might be surprised to find out that passwords are actually still one of the most secure options out there, and it’s not going anywhere anytime soon, and that is just one of the common myths. 
Here are a few more password misconceptions that might shock you a bit. If it’s insightful, bring them into the classroom with you. Although cybersecurity is not the most interesting aspect of tech education, it’s extremely crucial nonetheless.

1 Passwords are not secure

There is no better place to start than here.
When you consider every other form of access that you could use to get into personal files, passwords top the list here. Speaking of lists, we have considered all of your government ID details, phone number, and biometrics, to mention but a few.
Your government ID could be compromised and your phone numbers are not necessarily secrets. Biometrics are great, but they can sometimes easily be fooled. It might only take a picture or a face model to fool a face unlock system, or a lifted fingerprint from something you touched.
Considering all that, passwords are inherently more secure than the other forms of protection out there. Combine a strong password with two-factor authentication and you have a vault on your hands.

2 Passwords have a finite length

The funny thing about this misconception is that they are fed to users by websites and apps while attempting to promote proper password habits.
Take a look at any five websites requiring logins right now, and you’ll see that almost all of them (if not all) recommend setting a password of at least ‘8 characters.’ This can quickly form an impression in your mind that eight (8) characters are all you need for a strong password.
Before picking a password, always know that every extra character you add reduces the chances of having such a password cracked by far. Interestingly, the addition of every character makes your password harder to guess exponentially, not linearly.
In layman terms, all those extra characters count more than you know.

3 Length trumps complexity

Human ideas of what a complex password is, do not always match reality.
What you believe to be a very complex password could take a hacker mere minutes or hours to crack.
While your mind could make you believe you created such a complex password out of thin air, chances are there was a rationale behind it. This could be a name, significant year (your birth year, spouse’s birth year, etc.), common phrases (‘iloveyou,’ ‘mypassword,’ etc.) or any other thing.
Hackers are not what they used to be, though. With data from numerous data breaches over time, they have been able to train their algorithms to predict such password models. What they will have a hard time cracking is a very long password.

You should try to keep your passwords as close to 17 characters as possible, if not more. For very sensitive data (say, a blockchain wallet), go all out and spend as much as 23 characters on that account.

4 Passwords have to be specific characters

As long as the website/ platform you are using the password for allows it, passwords can be anything – anything at all. This means you don’t have to limit yourself to numbers, alphabets and special characters alone.
As long as you can type it out, you can literally throw anything into that password mix. This gives you the freedom to mix up your passwords with emojis, some Greek or Latin symbols, a script from another foreign language and much more.

5 Good users remember their passwords

The best users are those who don’t even know what password they have for their different accounts. This should be so, since they are running multiple passwords on all of their accounts.
Likewise, the passwords they are using are nothing close to being short – far from it.
So, how do they do it?
Most of them use password managers.
Wanting to remember your passwords could set you up for a breach. On the one hand, that thought makes you set a password which is easy to memorize – since you would want to remember it yourself. It needs no telling that if it’s easy to remember for you, it’s also easy for a hacker to find the pattern behind that password and guess it.
On the other hand, there is a huge chance you are repeating your passwords for multiple accounts if you can remember them. This puts you at a bigger risk since a hacker can now use password information from one account to get into the others.

6 Passwords are done

We had to put this at the end for a reason. Now that you’ve learned more about passwords from the above misconceptions, you should know that they are not going anywhere anytime soon.
If they would be taken off the sheet, there has to be something else in line to replace them. As of the time of this writing, there is no such authentication and security method which would kick passwords out of the way.
Before you mention biometrics, you might want to recall that these biometrics are usually supported on the password framework. More often than not, you are required to set up a password first before you use biometrics of any kind.
Again, this tells you just how important they are to data privacy and security. Anytime, any day.

This post was written by the wonderful people @Techwarn

Be sure to check them out!

No comments:

Post a Comment