Password security. A topic that concerns us almost every day. After all, all our accounts are protected by passwords. Our data is behind passwords. Accesses are password protected. Software works via activation codes. Money transfers, too. Numeric and alphabetic codes – that is, passwords – are everywhere. But when are they really secure?
Although the password is supposed to provide security and protect data, it is actually one of the biggest security gaps in data protection. We’re talking about weak and strong passwords. There are better and worse passwords, but they all have one thing in common: none of them provide full security.
In fact, over 80 percent of cybercrime is achieved through passwords. These are not necessarily weak passwords. Passwords are always vulnerable. A password is always a sequence of characters that does not change. Unless they change the password.
But a static string of characters can inevitably be figured out. It takes longer with strong passwords than with weak passwords, but they are all crackable.
A password like “12345” can of course be found out quickly by anyone. But even a password like “ferwufh8erHFH)(ESHFSADHFjhfj9r80” consists of a fixed string of characters that can be figured out over a longer period of time. In case of doubt, character by character.
Especially with modern technologies it is possible to read passwords or decrypt data. So there is no real password security.
In addition, users themselves are responsible for security breaches. Passwords that are used for multiple accounts are a major security risk. However, passwords have the major disadvantage that they have to be remembered. And this becomes more difficult the more complex the passwords become and the more passwords there are. One password for all accounts that you can remember is easier than twelve passwords for twelve accounts, none of which you can remember.
We have already mentioned a few ways to crack a password. But let’s go into them in more detail. Hackers use special software that can figure out passwords. These technologies go through individual characters and ensure hit after hit that the password is revealed.
A password can also be easily calculated using certain algorithms. For example, hackers can have it search for password combinations that they think are related to you. Let’s say you use your date of birth and another letter or two as your password. An attacker could have an algorithm search for the number combination of your date of birth along with two letters and they would be delivered the password.
Of course, it’s harder to figure out complex passwords. Even with an algorithm. However, even that is only a matter of time. If a hacker wants to figure out a password, he will figure it out.
A natural thought now is that this doesn’t have to affect everyone, after all, what does a hacker want to do with my data? But data always has a use. Attackers don’t necessarily use it to get rich. They can also just have fun annoying someone with a hack. And a hack can be incredibly annoying.
That’s why it’s better to prevent hacks directly. This works, for example, by using two-factor authentication with an authenticator. The codes needed to log in via the authenticator are changed every 30 seconds. So it is virtually impossible to hack them, and even if you do, you can’t do anything with them after 30 seconds.
Passwords are never completely secure. That’s why it’s important to secure yourself multiple times. Even complex passwords can inevitably be cracked. Hackers do not explicitly target only large corporations or companies. Small and medium-sized companies are particularly affected, as they are often easier targets. Private individuals are not safe either. Data is always a sitting duck for hackers. Where and from whom this data originates is secondary. Weak password security does not stop them.
