Cyberattacks grow by 150% in 2021. How can you make your passwords more secure?

If you think about the passwords you use, do you think they are easy to hack? If we reflect on this, we will realize that, both personally and professionally, many of us do not use sufficiently secure passwords.

This becomes an opportunity for hackers, who are using increasingly sophisticated techniques and can crack passwords more easily. In 2021 alone, cyberattacks increased by 150%, and they are expected to continue growing in 2022.

Poor user practices, combined with hackers’ increasing skills, make hacking an increasingly profitable business, and both personally and professionally, we must learn to protect our passwords.

Poor user practices when creating passwords

The data is clear: we tend to choose passwords that are easy for us to remember, regardless of how easy they are to hack. In addition, many users use the same password for multiple accounts.

NordPass (a password manager) has compiled a report on the most commonly used passwords, and the results are surprising. The most used password worldwide has been used up to 103,170,552 times, and that password is simply 123456. As internet users, we should become aware of the importance of cybersecurity and better protect our passwords.

Phishing: the main method to hack email accounts

Phishing is the most common method hackers use to try to get email account passwords. By accessing email, hackers can retrieve a wealth of information. They could access data from our bank account, online purchases, or subscriptions, such as those for streaming platforms.

Also, let’s remember that many users repeat their passwords, so if the email password is cracked, they could also gain access to other online platforms.

How does phishing work?

The phishing technique involves creating an email that appears to come from a reliable source. These emails include a call to action, such as “check your order here” or “get more information.” If the user clicks, they are taken to a malicious link, and the hacker can attempt to crack their password.

What are the most common phishing emails?

Hackers are constantly refining their phishing methods, and their emails are becoming more creative. However, we can identify three fairly common types of phishing emails:

  • Account verification: they pose as a company where the user has an account, such as Amazon, and notify them that they must click the link to verify their account. They usually say that if the link is not clicked, the account will be deactivated, thus pressuring the user.
  • Spear phishing: this usually occurs in companies, where hackers pose as a colleague by replicating their email and sending a malicious link to someone within the company.
  • Sending a fake invoice: another frequently used technique is pretending to be an online retailer. They send an email with a malicious link to view a supposed invoice, allowing them to obtain the hacked user’s data.

3 methods for creating secure passwords

The best thing we can do to avoid these hacks is to set passwords that are difficult to crack. Experts recommend using a minimum of 10 characters consisting of uppercase, lowercase, numbers, and special characters. Each password should only be used for one account.

Considering these criteria, it may seem that generating secure passwords is complicated. So, we’ll share methods for creating passwords that are easy to remember and hard to crack.

  • Shorten words: you can create a phrase and remove the first or last letters to create combinations that are secure.
  • Change the vowels: for this method, we recommend using nonsensical phrases to make them harder to crack.
  • Use country codes to generate combinations: if you use the ISO codes of countries, you can create combinations that are easy to remember. For example, if you use Mexico, the United Kingdom, France, Germany, and Japan, you can create the following password: mex gbr fra deu jpn.

Remember that, whichever of these methods you use, you should then add uppercase letters, numbers, and special characters to the result to make it even more secure.
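
The criteria in this section can be checked mechanically. The following Python code is an added example, not part of the original article: it reports which of the article's criteria a password misses and which accounts share a password. The function names, the sample accounts, the hardened password, and the choice not to count spaces as special characters are assumptions.

```python
import string
from collections import defaultdict

MIN_LENGTH = 10  # minimum length recommended in the article


def missing_criteria(password):
    """Return the article's criteria that `password` does not meet."""
    checks = {
        "at least 10 characters": len(password) >= MIN_LENGTH,
        "uppercase letter": any(c.isupper() for c in password),
        "lowercase letter": any(c.islower() for c in password),
        "number": any(c.isdigit() for c in password),
        # Assumption: "special" means punctuation; a space is not counted.
        "special character": any(c in string.punctuation for c in password),
    }
    return [name for name, ok in checks.items() if not ok]


def reused_passwords(accounts):
    """Group account names that share a password (each should be unique)."""
    groups = defaultdict(list)
    for account, password in accounts.items():
        groups[password].append(account)
    return [sorted(names) for names in groups.values() if len(names) > 1]


# Constructed sample data. "123456" and the ISO-code phrase come from the
# article; the last entry is a constructed result of adding uppercase
# letters, numbers and special characters to that phrase.
SAMPLE_ACCOUNTS = {
    "email": "123456",
    "streaming": "123456",
    "bank": "mex gbr fra deu jpn",
    "shop": "Mex-Gbr-Fra-Deu-Jpn-52",
}

if __name__ == "__main__":
    for account, pw in SAMPLE_ACCOUNTS.items():
        print(account, missing_criteria(pw) or "meets all criteria")
    print("reused on:", reused_passwords(SAMPLE_ACCOUNTS))
```

The ISO-code phrase on its own still misses three criteria, which is why the final step of adding uppercase letters, numbers, and special characters matters.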

Source: Holahorro.

May 2022