The security of your data does not have to be complicated.
Kaspersky Lab researchers have found that the greatest weakness of passwords is their reuse.
The recently reported theft of over 700 million unencrypted e-mail addresses and passwords shows that information obtained through different security flaws can easily be combined and used in “credential stuffing” attacks, where hackers use victims' e-mail and password combinations to access other accounts that share the same password.
To create safe, unique and easy-to-remember passwords, Kaspersky Lab recommends:
Step one: Create a “static combination” (the part of the password that never changes)
1. Think of a phrase, song lyrics, a movie quote, a childhood song or something else that is easy for you to memorize.
2. Take the first letter of the first three or five words.
3. Between each letter, add a special character, for example @, /, #, etc. From now on, you can create unique passwords based on this combination.
Step two: Improve it through the power of association
1. Thinking about the online accounts that need a password (Facebook, Twitter, dating or gaming sites, etc.), note the first word you associate with each one.
2. For example, when creating a password for Facebook, we can associate this network with the blue color of its logo and add the word “blue,” perhaps in upper case, to the end of the static combination.
“There is still a lot of confusion about what is meant by a secure password. Many websites now require complex passwords, which have eight or more uppercase and lowercase letters, numbers, and special characters. This is what many users regard as a secure password, which is quite discouraging,” said David Jacoby, a security researcher at Kaspersky Lab’s Research and Analysis (GReAT) team.
Jacoby added, “The good news is that ‘strong’ does not have to mean fear.
When we look at the problem from a security perspective, we can see that passwords are mostly safe if they are unique and used only in one account.
There are simple ways to make them unique but easy to remember, so we need not use them in other accounts even if the details of the account are exposed in a data crash.”