News

Should You Be Staking Your Business On A Password Generator?

Thu, 25/02/2016 - 08:08
Redstor

A simple search on Google for the phrase 'password generator' returns more than 28 million results. You'll notice that most of them are actually password 'managers' with a built-in password generator. And you'll see why having a password manager becomes essential when using a password generator.

What's the big fuss about a good password?

In a previous article we explained a bit about how password cracking works. Basically it comes down to hackers using programs to cycle through millions of possible combinations of letters, numbers, etc. until they match the password. You can imagine that for every character contained in your password, the program has to run through more combinations by building on the first. This takes time. And the time increases as every new character gets added i.e. a password with six characters takes longer to crack than one with only five.

Why not create my own passwords?

Sure, create your own passwords. But know how to do it. Most people go with dates of birth, mother's maiden names, old pets' names, and worst, their own names ‒ not to mention using the word 'password'. For interest's sake, have a look at Gizmodo's review of the 25 most common (and ridiculously easy to guess) passwords used on the internet.
 
The other password practice pitfall is re-using the same password for multiple accounts. Hackers know that people do this and don't hesitate to exploit it.
 
There is also a misconception that a password needs to contain a variety of characters. This used to be a requirement for adding complexity to a password but it's no longer valid, not with all the computing power available today.

And enter the password generator

1. Good passwords

So the thing with a good password is, it needs to conform to the following standards:

  • It must be long enough, no less than 8 characters.
  • It must be unique – no reusing the same password over and over.
  • It must not be predictable. 'Superman' is not good enough.

The password generator will take this into account.

2. Benefit from the password manager

Like I mentioned before, if passwords are going to be generated automatically, all long, none of them unique, it's not favourable for us mere humans to try and remember all of that. The password manager becomes essential in your arsenal of data protection software. It keeps your passwords for you, for each account. You are able to access all these passwords by means of a master password. The master password is the only one you'll need to remember.

3. The password manager must also be secure

  • But not all password managers are equal. Make sure that it will keep your passwords in encrypted form so as not to allow eavesdroppers from snatching them 'in the clear'.
  • There is a form of malware known as a key logger. These programs run in the background recording all your keystrokes and then sends that off to an attacker. That's why it's ideal if the password generator/manager is able to enter the password on your behalf without the use of keystrokes.

 
Managing the password security in your company's databases is a different kettle of fish. Have a look at our previous article to better understand how to store passwords effectively. But when it comes to the daily use of online accounts, bear in mind that password generators come in handy for people that don't choose good ones, which seems to be most of us these days.

Recent Articles

Redstor_Ransomware_Typewriters_blog Ransomware

Latest Ransomware Attacks Leave Organisation Working On Typewriters

Ransomware is a threat to all organisations and has been prevalent for a number of years. Although recent reports suggest that organisations are no... read more

August 09, 2018
Redstor_Reddit_blog Ransomware

Two-factor Becomes Hack-factor In Reddit Attack

The last few years have seen a number of high profile hacks, each growing in complexity and affecting masses of people. Strains of ransomware have... read more

August 07, 2018
Redstor_Dixons_super-breach_blog Disaster Recovery

Dixons Breach Becomes Super-breach Following Review

Earlier this year high street electronics firm Dixons Carphone revealed that a data breach had occurred the previous year, effecting over 1 million... read more

August 02, 2018