
How Can We Secure Our Passwords?


We already know that most people don't have very secure passwords. But we often don't do anything about it. If you aren't using secure passwords (for everything), maybe this article can convince you it's time to start.


A recent study showed that users' views of what makes a password "secure" don't match reality. There were some big highlights.

  • People believe that passwords containing common phrases, such as "iloveyou88", are as secure as other similar-length passwords with random words, like "ieatkale88". Common phrases are much easier to hack.

  • People also thought that swapping letters for numbers or symbols, such as p@$sw0rd, makes passwords much more secure. In reality, this is really predictable for modern cracking tools.
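Both points can be turned into a check at password-creation time. The following is an added example, not code from the study or the original article: it undoes common character swaps and strips digit or symbol padding before comparing against a denylist. The denylist, the substitution table and the function names are constructed for illustration, and passing the check only means the base word is not on the list, not that the password is strong.

```python
import re

# Constructed sample denylist; a real deployment would load a large list of
# common and breached passwords instead.
COMMON_BASES = {"password", "iloveyou", "letmein", "qwerty"}

# Common symbol/digit-for-letter swaps, mapped back to the letter they replace.
LEET = str.maketrans({"@": "a", "4": "a", "$": "s", "5": "s", "0": "o",
                      "1": "l", "!": "i", "3": "e", "7": "t"})

# Digits and punctuation used as padding at either end, e.g. "88" or "!".
PADDING = re.compile(r"^[\d\W_]+|[\d\W_]+$")


def candidates(password: str) -> set:
    """Return the base words this password reduces to after normalisation."""
    lowered = password.lower()
    return {
        # Strip padding first, then undo swaps ("p@ssw0rd!" -> "password").
        PADDING.sub("", lowered).translate(LEET),
        # Undo swaps first, then strip padding ("pa$$88" -> "pass").
        PADDING.sub("", lowered.translate(LEET)),
    }


def predictable_base(password: str):
    """Return the denylisted base word the password reduces to, or None."""
    hits = candidates(password) & COMMON_BASES
    return sorted(hits)[0] if hits else None


def review(passwords):
    """Map each submitted password to its denylisted base word (or None)."""
    return {p: predictable_base(p) for p in passwords}


if __name__ == "__main__":
    # Constructed inputs taken from the examples in the text above.
    for pw, base in review(["iloveyou88", "ieatkale88", "p@$sw0rd"]).items():
        verdict = f"rejected (reduces to '{base}')" if base else "not on denylist"
        print(f"{pw:12} {verdict}")
```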

So, what's the answer? It's clearly a problem that plagues even the smartest of people, as shown by Mark Zuckerberg's social accounts getting hacked recently. But there are steps we can take.

The most obvious is to use a password manager, such as 1Password or LastPass. I'm a big fan of LastPass and highly recommend it. It's effectively a vault for passwords, with one master password. It also has the ability to generate secure passwords for you, and a different one for every site you use. This way, the next time LinkedIn or whatever site you use gets hacked, your exposure is limited to just that site.

It has a plugin for all the major browsers so it can auto-fill passwords on your behalf, and has a share sheet for iOS. All in, it's more convenient than having to type in your password all the time.

If you're not keen to try it, or you need a good way to come up with your master password, then I recommend you heed the wise words of XKCD:

[Image: XKCD comic]


Topics: security, passwords, hacking
