
How Can We Secure Our Passwords?

We already know that most people don't have very secure passwords. But we often don't do anything about it. If you aren't using secure passwords (for everything), maybe this article can convince you it's time to start.


A recent study showed that users' views of what makes a password "secure" don't match reality. There were some big highlights:

  • People believe that passwords containing common phrases, such as "iloveyou88", are as secure as other passwords of similar length built from random words, like "ieatkale88". Common phrases are much easier to hack.

  • People also thought that swapping letters for numbers or symbols, as in "p@$sw0rd", makes passwords much more secure. In reality, these swaps are very predictable for modern cracking tools.
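The two findings above, turned into a sign-up screening check; this is an added example, not part of the original article. It undoes common character swaps and trailing digits before comparing a password against a blocklist. The blocklist, the swap table, and the function names are small constructed samples chosen for illustration.

```python
import re

# Constructed sample blocklist; a real deployment would load a large list of
# breached and common passwords instead.
COMMON_PHRASES = {"password", "iloveyou", "letmein", "qwerty"}

# Character swaps assumed for this example (symbol or digit -> letter).
LEET_MAP = str.maketrans({"@": "a", "4": "a", "$": "s", "5": "s", "0": "o",
                          "1": "l", "!": "i", "3": "e", "7": "t"})


def candidates(password):
    """Return the simplified, letters-only forms worth comparing."""
    lowered = password.lower()
    forms = set()
    # Consider the password both with and without a trailing run of digits,
    # so "iloveyou88" and "passw0rd1" are each reduced to their base word.
    for base in (lowered, re.sub(r"\d+$", "", lowered)):
        forms.add(base)                      # digits treated as padding
        forms.add(base.translate(LEET_MAP))  # digits/symbols treated as swaps
    # Anything still not a letter is dropped before comparison.
    return {re.sub(r"[^a-z]", "", form) for form in forms}


def matched_phrase(password):
    """Return the blocklisted phrase the password reduces to, or None."""
    for form in sorted(candidates(password)):
        for phrase in sorted(COMMON_PHRASES):
            if phrase in form:
                return phrase
    return None


if __name__ == "__main__":
    # The three passwords quoted in the article.
    for pw in ("iloveyou88", "p@$sw0rd", "ieatkale88"):
        hit = matched_phrase(pw)
        verdict = f"rejected (reduces to '{hit}')" if hit else "not on blocklist"
        print(f"{pw}: {verdict}")
```

Passing this screen only means a password is not a trivial variant of a listed phrase; it says nothing about strength otherwise.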

So, what's the answer? It's clearly a problem that plagues even the smartest of people, as shown by Mark Zuckerberg's social accounts getting hacked recently. But there are steps we can take.

The most obvious is to use a password manager, such as 1Password or LastPass. I'm a big fan of LastPass and highly recommend it. It's effectively a vault for passwords, with one master password. It also has the ability to generate secure passwords for you, and a different one for every site you use. This way, the next time LinkedIn or whatever site you use gets hacked, your exposure is limited to just that site.

It has a plugin for all the major browsers so it can auto-fill passwords on your behalf, and it has a share sheet for iOS. All in all, it's more convenient than having to type in your password all the time.

If you're not keen to try it, or you need a good idea for coming up with a password for your master password, then I recommend you heed the wise words of XKCD:

[Image: XKCD comic]
