Stay Safe Online
THIS ISSUE’S EXPERT: Darren Guccione, CEO of Keeper Security ( keepersecurity.com) Your questions answered by security specialists
Security advice for PC and mobile
QIs using a mix of letters and numbers still the best way to create a strong password? Ellen Bartlett, Twitter
AA decade ago, a five- or sixcharacter password was enough to beat most hacking programs, but computers are much faster now and a six-character password can be guessed by a brute-force attack. Your passwords should therefore contain at least 12 characters.
Substituting numbers for letters used to be effective but the criminals’ software is on to that trick and ‘ Spr1ngst33n’ doesn’t survive a determined attack any more. Additionally, ‘ 1qaz2wsx’ may seem like a pretty tough password to guess until you look at your keyboard and notice the pattern. A random series of letters and numbers must be truly random to have a chance.
It may seem like a good idea to store your passwords in plain text in a spreadsheet or mail them to yourself, but this leaves them vulnerable to ransomware, the fastest-growing category of malware, where criminals hold your data hostage until you pay them a ransom. While they wait for you to pay, they can scour your hard drive looking for anything that resembles a password list. Once they find it, the ransom payment is the least of your problems.
You may have the strongest password in the world, but if you share it with someone who stores it in an email account protected by ‘qwerty’, it won’t make a bit of difference. Your passwords are for your eyes only.
Your best bet is to use a password manager protected by strong encryption. The best ones generate secure passwords for you and give you total protection with two-factor authentication.
•See page 44 for our comparison of password managers