Keeping track of all the passwords we need in order to function in our everyday life online can be both troublesome and hard. As a result, many of us tend to reuse one or maybe two passwords that often leave much to be desired in terms of complexity and safety. In this article we will take a closer look at why it is so important to choose passwords wisely and what you can do to keep track of them.
Passwords have been around since ancient times and have a long and exciting history, but to understand the way we view passwords today we need not wind the clock back very far. In December 2009, the American-based development company RockYou, which then specialized in social media widgets, was subjected to one of the most infamous data breaches in history. The breach resulted in the exposure of 32 million accounts. The stolen information spread fast among hackers and security professionals. Even though the number of accounts exposed was by no measure small, what made this breach stand out was that all the user data was unencrypted, including all user passwords. This meant not only that RockYou had neglected to implement even a minimum of user data security, but also that for the first time it was possible to analyze a massive list of passwords that people actually used in real life.
After the list had been analyzed, what stood out was the massive scale at which people used very easy passwords. In short: if you use any of these passwords, change them immediately, and the same goes if you have an easy password in general. Having access to the top 5000 passwords in the RockYou password list means that you can crack 20% of all passwords. Or, to be more precise: if you pick any account, be it a social media account or any other service, you have a 20% chance of succeeding when trying them all. What is almost as shocking is that people to this day use the same passwords, which is really bad news since the RockYou password list comes as a default in many popular hacking programs.
Please note: although trying out 5000 passwords might seem like a time-consuming task, it really isn’t, given the computing power and tools available. More about that below.
Storing passwords unencrypted, like RockYou did, was bad practice even in 2009. Back then you were at least supposed to be able to expect that services that kept user data online kept passwords in an encrypted format. The practice of encryption has evolved since 2009, meaning that it is much more complex to crack today's encrypted passwords. Although password encryption complexity has evolved, so has computer capacity. How fast a password can be cracked if it has been part of a breach where the passwords were encrypted depends on:
– The length and overall complexity of the password
– The complexity of the encryption of the password
– The computing power the hacker can dish out in order to crack the password
As you might understand from the above, giving an exact estimate of how hard an encrypted password is to crack is almost impossible given all the variables. One thing, however, is still true: the simpler your password is, the easier it will be to crack.
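The three factors listed above can be combined into a rough worst-case estimate, which also shows why a password on a common-password list stays weak no matter how it is stored. This is an added example, not part of the original article; the function names, the five-entry list (a constructed stand-in for a real leaked list) and the work factor and guess rate are all assumptions.

```python
import string

# Constructed stand-in for the head of a leaked-password list (not real data).
COMMON_PASSWORDS = ["123456", "password", "iloveyou", "princess", "abc123"]

def charset_size(password):
    """Factor 1: size of the alphabet an exhaustive search has to cover."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation)
    size = sum(len(pool) for pool in pools
               if any(c in pool for c in password))
    # Characters outside printable ASCII: count each distinct one (a lower bound).
    known = "".join(pools)
    return size + len({c for c in password if c not in known})

def worst_case_guesses(password, common=COMMON_PASSWORDS):
    """Guesses needed when the common list is tried first, then every
    combination of the password's length and alphabet."""
    if password in common:
        return common.index(password) + 1
    return charset_size(password) ** len(password)

def worst_case_seconds(password, work_factor, fast_hashes_per_second):
    """Factor 2 (work_factor): how many times costlier one guess is than a
    single fast hash, e.g. an iteration count (assumed model).
    Factor 3 (fast_hashes_per_second): the computing power available."""
    return worst_case_guesses(password) * work_factor / fast_hashes_per_second

if __name__ == "__main__":
    # Assumed figures for illustration only.
    work_factor, rate = 100_000, 1e9
    for pw in ("password", "sunshine", "Tr0ub4dor&3"):
        secs = worst_case_seconds(pw, work_factor, rate)
        print(f"{pw!r}: {worst_case_guesses(pw):.3g} guesses, "
              f"{secs / 86400:.3g} days worst case")
```

The estimate is an upper bound on effort only: a password that appears on a larger list than the one checked here falls far sooner than its length and alphabet suggest.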