Americans Hate Passwords

According to a recent survey, most Americans think there are simply too many online security measures these days. Researchers commissioned by analytics software firm FICO found that while people expect the websites they use to do everything in their power to prevent fraud, they feel hassled and annoyed by the number of security question hoops they have to jump through.

Basically, Americans want their online information to be safe, but they don’t want to have to remember a 12-character password (with upper and lower case letters, a special character, and a number).

We get it, it’s kinda annoying. But for the moment, it’s the best we’ve got.

At TechDad, we meet a lot of clients who don't see the value in investing in their online security until something bad happens. And at that point, it’s often too late and the damage has been done — identities stolen, bank accounts emptied, valuable data lost. We can’t stress enough how important it is that you take an active role in securing your information — and for now, that means you have to put up with those annoying security questions.

There are, however, some ways to make things a little easier. Ensuring that you’re using strong passwords is the first and most important step in protecting your online information. There are two main questions to consider here:

  1. How easy would it be for a human to guess your password?

  2. How easy would it be for a computer to guess your password?

"We're living in the beginning of an era of mass targeted attacks," said Nate Fick, CEO of security firm Endgame. "Things are bad and they're going to get worse."


Understanding How Hacks Happen

There are two main ways that your passwords can be hacked: either by an actual person on a computer (wearing a black hoodie, of course) targeting you, or by getting caught in a widespread data breach (like the 2017 Equifax hack).

When you enter a password into a website, it goes through a mathematical process that turns it into a string of letters and numbers called a “hash” or “digest.” It is nearly impossible for a person to look at the hash value and work out the original version, so an individual is much more likely to try to guess your original password. If you’re using information that’s readily available on your Facebook page, for example, that makes the guessing game a whole lot easier.

A brute force attack (or brute force cracking) is a trial-and-error method used by computer programs to decode encrypted data such as passwords. The attack runs through exhaustive combinations to try to crack a password. This method is very fast when used against short passwords, but longer passwords, passphrases, and keys have more possible values, making them exponentially more difficult to crack than shorter ones.

Review this checklist to help you decide if your passwords are strong enough to keep out hackers.

  • Does your password include personal information that would be easy for someone to guess? This might include your spouse’s name, names or ages of your children, names of pets, the town where you live, type of car you drive, your mother’s maiden name… or Rover55 for example.  

  • Does your password include sequential numbers or letters? (1234567, abcdefg, 1111111, zyxwvu, etc.)

  • Is your password a string of letters on your keyboard? (qwerty, lkjhgf, zxcvbnm)

  • Do you use the same password across several platforms?

If you answered “yes” to any of the above then it is definitely time to update those passwords! Review our Hacker-Proof Password Guide for strategies and tools for building strong passwords.
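The checklist above can also be run as a small script. This is an added example, not part of the original post or a TechDad tool: the function names, the four-character run length, and the sample passwords are assumptions made for illustration. It also computes the size of the search space a brute force attack has to cover, which is an upper bound that says nothing about how guessable the words in a password are.

```python
import math
import string

# Rows for the "string of letters on your keyboard" check; alphabet and digits
# for the "sequential numbers or letters" check.
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"]
SEQUENCES = [string.ascii_lowercase, string.digits]

def has_run(pw, lines, n=4):
    """True if pw contains n consecutive characters of a line, forward or backward."""
    pw = pw.lower()
    return any(seq[i:i + n] in pw
               for line in lines for seq in (line, line[::-1])
               for i in range(len(seq) - n + 1))

def has_repeat(pw, n=4):
    """True if one character repeats n times in a row, e.g. 1111111."""
    return any(pw[i:i + n] == pw[i] * n for i in range(len(pw) - n + 1))

def search_space_bits(pw):
    """log2 of the candidates an exhaustive search over pw's character classes must try."""
    pool = (26 * any(c in string.ascii_lowercase for c in pw)
            + 26 * any(c in string.ascii_uppercase for c in pw)
            + 10 * any(c in string.digits for c in pw)
            + len(string.punctuation) * any(c in string.punctuation for c in pw))
    return len(pw) * math.log2(pool) if pool else 0.0

def audit(pw, personal_words=(), other_passwords=()):
    """Return the checklist items pw fails (an empty list means none)."""
    findings = []
    if any(len(w) >= 3 and w.lower() in pw.lower() for w in personal_words):
        findings.append("personal")   # spouse, pet, town, car...
    if has_run(pw, SEQUENCES) or has_repeat(pw):
        findings.append("sequence")   # 1234567, abcdefg, 1111111, zyxwvu
    if has_run(pw, KEYBOARD_ROWS):
        findings.append("keyboard")   # qwerty, lkjhgf, zxcvbnm
    if pw in other_passwords:
        findings.append("reused")     # same password on several platforms
    return findings

if __name__ == "__main__":
    # Constructed sample inputs; the personal words and the reuse list are
    # whatever the person running the check supplies about themselves.
    for pw in ["Rover55", "1234567", "zxcvbnm", "plum-Kettle-orbit-29"]:
        print(pw, audit(pw, ["Rover"], ["zxcvbnm"]), round(search_space_bits(pw), 1))
```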

Additional Password Resources:

Creating a Secure Passphrase
Find a Password Manager That Works For You

Jessica Vernon