January 27th, 2022

Make your passwords stronger with a simple trick! - WST

Last week, we mentioned the dangers of reusing passwords across multiple services. Now, we would like to tell you how you can make your passwords stronger to prevent threat actors from guessing what passwords you use and compromising your accounts.

When a criminal wants to log into your account without your permission, they have a few different options: they can attempt to steal your password from you with phishing, they can try to guess your password, and sometimes they can exploit vulnerable software to obtain password hashes, which they then run through cracking software on their own computer to recover your password.

Although we absolutely recommend using a password manager (e.g., LastPass, BitWarden, 1Password), there is one simple trick you can do to make your passwords stand up to even the most technical brute force attacks:

  • Use spaces in your password!

We all know that passwords should contain upper and lower-case letters, numbers, and symbols—but adding a space to your password will make it incredibly difficult to guess with cracking software.

For example:

Notagreatpassw0rd! - This password can be guessed in 15 seconds using cracking software.

Now, what if we add spaces?

Not a great pass w0rd! - This password can be guessed in 56,000 years using cracking software.

How does this work? Modern brute forcing and cracking techniques have a difficult time accounting for spaces within passwords, as they are different from standard letter+number+symbol requirements. Criminals know to try letters, numbers, and symbols, but spaces on the other hand add a new dimension of difficulty to guessing or cracking a password.

This is why we recommend passphrases with spaces instead of passwords so often. Other important password tips to consider:

  • Use letters, numbers, symbols, AND spaces
  • At least 14 characters long
  • Avoid using the name of your workplace in your password (10dSecurity!)
  • Avoid using seasons, years, or dates in your password (Summer2022! is a very common example of something we see a lot)
  • When using passphrases, avoid using common sayings or movie quotes (This Is Sparta!)

Keep in mind that some services may not allow you to set a password with a space. In such cases, it is best to use a password manager to create and store a completely randomized password instead.
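The tips above can be turned into an automated check, for example in a sign-up form or a password audit. The following Python sketch is an added example, not code from the original article; the deny-lists, the `squash` and `check_passphrase` names, and the date pattern are assumptions chosen for illustration.

```python
import re
import string

# Constructed deny-lists for illustration (assumptions, not from any product).
WORKPLACE_NAMES = ["10dsecurity"]      # your organisation's name(s), squashed
COMMON_PHRASES = ["thisissparta"]      # sayings and movie quotes, squashed
SEASONS = ["spring", "summer", "autumn", "winter"]
YEAR_OR_DATE = re.compile(r"(?<!\d)(?:19|20)\d{2}(?!\d)|\d{1,2}[/.-]\d{1,2}")
MIN_LENGTH = 14


def squash(text):
    """Lower-case and drop everything but letters and digits, so spacing,
    capitalisation and punctuation cannot hide a deny-listed word."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def check_passphrase(candidate):
    """Return the list of tips from the article that the candidate fails."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 14 characters")
    classes = {
        "letter": any(c.isalpha() for c in candidate),
        "number": any(c.isdigit() for c in candidate),
        "symbol": any(c in string.punctuation for c in candidate),
        "space": " " in candidate.strip(),  # leading/trailing spaces do not count
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]
    flat = squash(candidate)
    if any(name in flat for name in WORKPLACE_NAMES):
        problems.append("contains workplace name")
    if any(s in flat for s in SEASONS) or YEAR_OR_DATE.search(candidate):
        problems.append("contains season, year or date")
    if any(p in flat for p in COMMON_PHRASES):
        problems.append("contains common saying or quote")
    return problems


if __name__ == "__main__":
    # Sample inputs are the example passwords quoted in the article.
    for sample in ["Notagreatpassw0rd!", "Not a great pass w0rd!",
                   "10dSecurity!", "Summer2022!", "This Is Sparta!"]:
        print(repr(sample), "->", check_passphrase(sample) or "passes")
```

An empty list means the candidate satisfies every tip; the check says nothing about whether the passphrase has been reused or exposed elsewhere.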



Authored by: Nathan Harger, CEH
