Insecure Passwords Put Your Data at Risk

The danger of someone guessing your insecure password is very real. Do you really want to take that risk?

Why gamble with your data? Having your computer or online account broken into is not a pleasant experience.

Cyber attacks today are automated. It is not about you or me, cyber intruders target everyone's computers in order to steal personal information and sell it to the highest bidder.

The low-hanging fruit is easiest to pick. That means very easy-to-guess passwords.

A password is often the only protection between cyber criminals and your computer and personal data. If someone guesses your password, they gain immediate access to your personal information.

Cyber thieves are using software that constantly scans and attacks everything connected to the Internet. This includes home routers and Internet cable modems, computers, laptops, tablets and mobile phones.

They also attack businesses and online service providers (banks, shopping websites, Gmail accounts, your company, etc.). Although such services are relatively safe, if you are using insecure passwords there is still a chance that someone will break into your online account and steal your data and personal information.

You wear a seat belt when you drive a car, look both ways when you cross the street and lock your front door. You should treat your passwords - and computer security in general - with the same importance.

A password is insecure when it is easy for other people and computers to guess.

Insecure Passwords Offer No Protection

Computers are very good at performing a lot of calculations very fast. When you surf the web, watch videos, write a document or play video games, the computer is processing millions of calculations per second.

Cyber thieves use the same computing power to break (guess) your computer passwords. They use specialized software that automates password guessing. Some of this software is available for free on the Internet, and requires no special skill to use.

Such software tries different combinations of letters and numbers, in sequence, for a password until it finds the correct order of characters that your password is in. Computers can do this very quickly, especially for passwords that do not use many characters. This is called a brute force attack.

For example, if your password is cba, the computer will try: abc, acb, bac, bca, cab, cba. It takes only six tries to break this password. For a computer, this is a fraction of a second. In other words, instant.

Because computers can do this extremely fast, you should have more than a few characters in your password. Many people and online business services recommend at least eight. If you want to be safe, eight is not good enough anymore.

Each additional character in your password adds to its security.

But how long a password is long enough? It depends on how many different character sets the password consists of.

Character sets are grouped into:

  • Lower case alphabet
  • Upper case alphabet
  • Numbers
  • Special characters like !@#$%^&*(){}><.

The more character sets you use, and the longer your password, the more secure it is.

These passwords both have 16 characters. The second one is more secure:

  1. jnrtosxhcvaymufr
  2. A;s3o9*P(w:Sdj+z

You don't have to go to extremes though. A long password consisting of lower and upper case letters and numbers is very secure.

An example of a good, secure, 20 character password: yrIQ6cpaS1YeO6WAHQ89

Of course, do not use this particular password for anything. It is just an example.

Computer Security Takeaways

A password is insecure when it is easy for other people and computers to guess.

Computers are very good at guessing weak, short, insecure passwords.

Do not use insecure passwords. The risk of getting your data stolen is too high.

An example of a good, secure password: yrIQ6cpaS1YeO6WAHQ89

Use a password manager to help you generate secure passwords and remember them for you.