CloudSEK’s cheat sheet for setting strong passwords

Published on September 16, 2020 | 01:30 PM IST
Deepanjli Paulraj | Lead Cyber Threat Editor

Share this Advisory:

Despite the recent spike in #phishing campaigns, #malware attacks, and data leaks, a recent study of leaked credentials found that 1 out of every 142 passwords is good old “123456,” and that only 12% of the passwords contain a special character. This trend of taking #CyberSecurity for granted needs to change.

Here’s CloudSEK’s cheat sheet for setting strong passwords that are hard to crack.

1. Strength in length

Make sure your passwords are at least 10-16 characters long. It is estimated that 9-character passwords will take about five days to break and in case of a 10-character word password will take a good four months, and 11-character passwords take about 10 years

2. Avoid the obvious

Don’t use your date of birth, a loved one’s name, or other personal information that can be found on the internet. Steer clear of dictionary words and common phrases.

3. Variety is key

Use both uppercase and lowercase letters, numbers, and other special characters. And make sure you don’t lump the letters and numbers. Jumble and intersperse the letters, numbers, and special characters. 

4. Multi-factor authentication

This way even if your password is cracked or stolen your account can’t be accessed without an OTP or confirmation. 

5. Re-use makes it easy to abuse

Using the same password for multiple accounts means all your accounts can be compromised if one of your account’s passwords has been leaked or cracked. 

6. Keep it moving

Change your password every 60-90 days to ensure passwords from old leaks can’t be used to compromise your accounts. Even if the password is strong this can destroy the strategy.

7. Be vigilant

Stay abreast of the latest leaks, by following CloudSEK’s cyber bulletin and threat intelligence, and check if your credentials or details are part of it. Respond immediately by changing your password and enabling multi-factor authentication. 

Be informed about threats in your Inbox

Sign up now to our Threat intelligence Newsletter and be the first to know about threats first in your inbox.