Should You Be Staking Your Business On A Password Generator?
A simple search on Google for the phrase 'password generator' returns more than 28 million results. You'll notice that most of them are actually password 'managers' with a built-in password generator. And you'll see why having a password manager becomes essential when using a password generator.
What's the big fuss about a good password?
In a previous article we explained a bit about how password cracking works. Basically it comes down to hackers using programs to cycle through millions of possible combinations of letters, numbers, etc. until they match the password. You can imagine that for every character contained in your password, the program has to run through more combinations by building on the first. This takes time. And the time increases as every new character gets added i.e. a password with six characters takes longer to crack than one with only five.
Why not create my own passwords?
Sure, create your own passwords. But know how to do it. Most people go with dates of birth, mother's maiden names, old pets' names, and worst, their own names ‒ not to mention using the word 'password'. For interest's sake, have a look at Gizmodo's review of the 25 most common (and ridiculously easy to guess) passwords used on the internet.
The other password practice pitfall is re-using the same password for multiple accounts. Hackers know that people do this and don't hesitate to exploit it.
There is also a misconception that a password needs to contain a variety of characters. This used to be a requirement for adding complexity to a password but it's no longer valid, not with all the computing power available today.
And enter the password generator
1. Good passwords
So the thing with a good password is, it needs to conform to the following standards:
- It must be long enough, no less than 8 characters.
- It must be unique – no reusing the same password over and over.
- It must not be predictable. 'Superman' is not good enough.
The password generator will take this into account.
2. Benefit from the password manager
Like I mentioned before, if passwords are going to be generated automatically, all long, none of them unique, it's not favourable for us mere humans to try and remember all of that. The password manager becomes essential in your arsenal of data protection software. It keeps your passwords for you, for each account. You are able to access all these passwords by means of a master password. The master password is the only one you'll need to remember.
3. The password manager must also be secure
- But not all password managers are equal. Make sure that it will keep your passwords in encrypted form so as not to allow eavesdroppers from snatching them 'in the clear'.
- There is a form of malware known as a key logger. These programs run in the background recording all your keystrokes and then sends that off to an attacker. That's why it's ideal if the password generator/manager is able to enter the password on your behalf without the use of keystrokes.
Managing the password security in your company's databases is a different kettle of fish. Have a look at our previous article to better understand how to store passwords effectively. But when it comes to the daily use of online accounts, bear in mind that password generators come in handy for people that don't choose good ones, which seems to be most of us these days.
The infamous Equifax data breach has once more expanded, the company announced last week that a further 2.4 million consumers in the United States... read more