A good password is first a secure password

2021 02 22

Now, tens of thousands of people in Lithuania change their passwords. Statistics show that 26% of Internet users use the same or a similar password for different systems, and as many as 48% have the same password for work and personal needs. The reason is that so it is easier to remember. Specialists warn of the threats of such a choice and advise on how to create a secure, reliable and easy-to-remember password.

“Although users understand the threat to their personal data and property if the password is “hacked” by malicious people, 3% of Internet users still choose the most insecure option – the password ‘123456’,” notes Irmantas Bankauskas, Chief Sales Officer at Baltic Amadeus. For those who are creating a new password, the specialist has several recommendations.

Use the expression of emotions

Passwords are traditionally made up of Latin letters, numbers and other characters, and now, also of emoticons. Even if a single emoticon is included, this significantly increases password security merely because hackers simply do not use emoticons as possible password characters. “Although most systems do not yet have the emoticons feature, you can use all the characters on your keyboard for creating a password. Using the colon ‘:’, the semicolon ‘;’ and brackets of different shapes allows you to create a kind of emoticons that would be part of the text password,” reminds the expert from Baltic Amadeus.

Use the CAPS LOCK feature

Irmantas Bankauskas states that even difficult-looking but short passwords (for example, “H7%e*}”), those consisting of one meaningful word (for example, “fejerverkas123”) and similar passwords can be easily “hacked” with appropriate programmes and computer resources. However, the way of writing the word makes the difference: “In the world of passwords, uppercase and lowercase letters have different values, so a combination of these is more difficult to overcome. For example, a password like “labas123” takes just 30 seconds to hack, while “Labas123” takes 2 minutes. The password “lABaS1DU3” is already claiming to be classified in the category of more complex passwords,” advises the expert.

Write with mistakes

The expert notes that in order to hack passwords hackers use… dictionaries: “Software uses dictionaries as a basis – the systems quickly check hundreds of words, so if your password is just a single, even a very rare word, the system will find it in a second.” The solution is to write with mistakes. The selected word can be transformed by replacing vowels with consonants, long letters with short ones, or simply by swap about the letters. An easy-to-decipher “Obuolys” can become a more complex “Oboulys” by swapping just one letter.

Encode logical phrases

According to Irmantas Bankauskas, passwords, which are especially complex, but do not have internal logic are not a solution. People just do not remember and write them down on a piece of paper they put on a table or stick next to the computer screen. “It is even worse than ‘Slaptažodis123’ because anyone who comes to your computer can access your data,” says Bankauskas.

The expert advises to encode words or phrases that mean something but do not fall into the standard categories of unsafe words: “Forename, surname, company name, family members’ names, name of the place where you live, or product name – all these are words that hackers will definitely check, so they should not be used in a password. Instead, design a phrase that is easy for you to remember and ‘decorate’ it with symbols. For example, the phrase ‘Mėgstu cepelinus’ can turn into a great password ‘M3GstUZ3P3LinuZ’,” advises the representative of Baltic Amadeus.

When possible, choose two-factor authentication

Although “two-factor authentication” sounds complicated, many people already use it. “In on-line banking systems, where it is necessary to make sure that the right person is connecting, a two-factor system is used, when an additional code is received by the mobile phone or a special app, which the user must confirm. Although only some companies use this method at present, it will be offered by more and more service providers in the future,” the expert predicts.