The Heartbleed bug is among the worst internet security flaws found for years, and prompted employees everywhere to rush to change their passwords.
However, It’s better to wait a little before changing your log-in details to make sure your password is as secure as possible. CBR speaks to Alex Smith, director of sales engineering at cloud company Intermedia, about the five steps to perfect that password.
Go beyond the "eight character wall"
Passwords with eight or fewer characters are worthless. Even though there are zillions of password combinations, a determined hacker with a botnet (or even a legal cloud computing platform) at his or her disposal can crack it in seconds. Make it 12 characters, and it suddenly takes far more resources and time than the hacker will deem it worth. To see for yourself, check this out.
Create unique passwords. One for every site
Hackers love going after innocuous sites because they know that people often use the same password across more valuable sites, like their online banking. Plan for the eventuality that one of your accounts will be breached – never use the same password twice.
Get very creative
Take a look at this list of the 100 most common passwords found in a batch stolen from Adobe. If your password is on there – or more importantly, if your password is even barely recognisable as English – it isn’t secure enough.
Religiously change passwords every six months
Assume that one of the sites you use will be hacked – the best protection is to habitually change your passwords.
Use a secure password management service to simplify your life
These services enable you to manage passwords from one location. By using computer-generated passwords, a password management service will create one that isn’t in the top 100 million of human-made passwords.
What’s more, the service will automatically change passwords for you and store them in an encrypted wallet. The only snag is that forgetting the master password can mean you’re locked out – but that’s a small price to pay for your security.
