Although passwords such as 0000, 1234, azerty and Password are still widely used, most people know that they are worthless. It is better to use passwords of at least 14 characters with capital letters, numbers and special characters. Because strong and long passwords are difficult to remember, it is often recommended to use a passphrase. And even better: to use a password vault.
But is your account always secure if you use a strong and long password?
Hackers can retrieve your password by cracking or stealing it.
Hackers crack passwords, using lists of the most commonly used passwords, which are very obvious. The most commonly used passwords in Belgium are 'password', '123456', 'azerty' and 'abc123'. Making only 4 attempts will give you access to many accounts in no time...
Another method for cracking passwords is to use hacker software that tries out all possible combinations of available characters until the password is found. You don't need to be a math genius to understand that the shorter a password is, the faster the hacker software can guess a password.
Using hacker software to crack passwords, you can find the passwords:
- pass, after 9 milliseconds
- password, after 1 month
- passwordsareobsolete, after 800 quadrillion years (that's an 8 with 29 zeros) [1]
This method is ultimately 100% accurate. The software tries all possible character combinations until it finds a combination that matches the desired input. You read it correctly: in theory you can crack any password, as long as you have enough time.
Long and strong passwords are in fact passwords that will take hacker software longer than a lifetime to crack. These passwords are practically impossible to crack, therefore. But they can still be stolen.
[1] https://howsecureismypassword.net/
Hackers have different ways of stealing your password.
They can steal your password using phishing or fake messages. You will be fooled into sharing your password with them. Learn more about phishing.
A data breach at a company's online service can make your password available to everyone on the internet. You can check if your password has ever been leaked. Hackers can easily find these data leaks on the internet, and they like to take advantage of them.
Hackers will install a virus on your computer that records your keystrokes and communicates them to the hacker. This virus, also called a Keylogger, allows hackers to see which passwords you are typing. Our campaign website contains more information about keylogger and how to protect yourself against it [link campaign website article keylogger].
Hackers can steal your strong and long password. It is therefore important to set up a second layer of security on your account. This extra protection is called Two Factor Authentication (2FA). This is easy and safe!