Originally published April 26, 2013
Landlubbers, beware! Hackers from all over the world have raised their pirate flags at every port on the Internet. With cannons ablaze, they’re looking for ways to steal your email account, get into your computer and access your phone.
Most modern pirates don’t sail the seven seas looking for ships to plunder. They sit in front of a computer and steal all the loot they can get their hands on. Often the only thing that keeps them from stealing your stuff is a strong password.
“The most important part when it comes to password safety is length of the password,” says Matt Shaffer, BendBroadband’s information security officer. “The first step for a hacker is to go after low-hanging fruit – users that have easy-to-guess passwords.”
Hackers have many tricks up their sleeves; their ingenuity and technical prowess is never-ending. There are various ways hackers can infiltrate an account, even without knowing the password. They can crack open an account by using “brute force” — in essence, running computer programs that guess passwords at the speed of a million combinations a second.
“Most single-word passwords can be broken within seconds,” says Shaffer.
The more characters you add to your password, the longer it takes to crack it, unless it is a commonly used word such as “password.”
Last year SplashData, a company that makes password-management applications, released its annual “Worst Password List.”
Shaffer points out that in the end, even a complex password can be cracked. The good thing is that hackers are out for instant gratification. If guessing your password takes too much time and computing power, it’s not worth the effort.
“With a strong password, you’re not going to fall into the ‘low-hanging fruit’ category,” Shaffer says. “Instead, you’re creating security for yourself by being obscure.”
If hackers can crack 50 or 100 accounts with easy-to-guess passwords, they have accomplished their mission. Suddenly your email account is being used to send tens of thousands of spam emails or to conduct phishing attacks.
“You don’t want to lose access to your email account, especially if it is a personal email that you’ve had for a long time and want to keep,” says Shaffer.
Hackers don’t stop with email accounts. Modern telephony is based on Voice over Internet Protocol (VoIP). Phone services can be accessed via Web-based interface.
“If a phone account gets compromised, it can potentially cost the end user a great deal of money,” says Shaffer. “Hackers now have access to your phone number and can place long-distance or international calls from your account. Hackers can run up a bill on your account and you’ll never know it until you get your bill.”
In the end, we caution you to keep the pirates at bay with a strong password that stops them long before they set anchor in your account.
Please click this link for more information on how to create safe passwords.