We use passwords every day. Whether it is to access our online messaging, to connect to the cloud, to social networks, to log in to the administration of a website, in short to accomplish tasks that are part of our daily lives, the password is the fragile key that protects our personal and professional data.
It will only take a few seconds for a malicious person to hack your password if it is too “weak”.
If your passwords look like “123456”, “azerty”, “password” or “iloveyou”, change them without delay: a malicious person will have no trouble discovering them.
The password manager NordPass has published its list of the 200 worst passwords of 2020. Make sure that the ones you use are not among them; if they are, change them immediately by following our tips.
Rank | Password | Number of users | Time to decipher |
---|---|---|---|
1. | 123456 | 2,169,864 | Less than a second |
2. | 123456789 | 878,648 | Less than a second |
3. | azerty | 669,693 | Less than a second |
4. | qwerty | 258,382 | Less than a second |
5. | 12345 | 240,177 | Less than a second |
6. | 1234561 | 219,755 | 1 second |
7. | loulou | 204,894 | Less than a second |
8. | doudou | 200,462 | Less than a second |
9. | marseille | 198,936 | 1 day |
10. | azertyuiop | 184,512 | 1 minute |
You can check whether your email addresses are at risk with HaveIBeenPwned or KeeperSecurity.
There are several ways to strengthen your password.
The technique for creating a complex but easy to remember password is as follows:
1 – Your password must be at least 8 characters long.
2 – Memorize a long phrase from a song, book etc.
Let’s use the beginning of Jane Taylor’s song “Twinkle, Twinkle, Little Star” as an example:
“♬ Twinkle, twinkle, little star,
How I wonder what you are!
Up above the world so high,
Like a diamond in the sky. ♫”
Let’s keep only the first letter of each word. This gives us: “ttlshiwwyauatwshladits”
3 – Define which letters should be capitalized
Here we arbitrarily choose to capitalize the first letter of the password as well as the vowels, i.e. “TtlshIwwyAUAtwshlAdIts”.
4 – Add special characters at the beginning and the end, or even in the middle
Let’s add numbers after the s’s and l’s: “Ttl1s2hI3wwyAUAtws4hl5Ad6Its”
And finally sprinkle in some special characters: “€Ttl1s2hI3wwyAUAtws4hl5Ad6Its?!”
This is a complex password that only you can remember!
If you’re not very inspired and don’t have an easy-to-remember catchphrase in mind, you can use online tools to help you create a strong password. Here are some examples of sites that offer this service:
– https://passwordsgenerator.net/
– https://phppasswordhash.com/
You will get a password like “!6N)k7jRo”. Passwords generated in this way are not easy to remember, but this is of little importance as we will see later.
Test your new passwords.
Go to Security.org and paste your new password; you will immediately know how long it would take a hacker to find it. For your information, this site does not keep the passwords that are submitted to it.
We tested our password “€Ttl1s2hI3wwyAUAtws4hl5Ad6Its?!” and here is the result.
If, like me, you have just discovered that the word “tredecillion” exists, there is no need to go looking for its meaning on Wikipedia; I will give it to you. A tredecillion corresponds to 10^78, or a 1 followed by 78 zeros.
Our universe is “only” 13,800,000,000 years old, so a bot making hundreds or thousands of guesses per second would need many times the age of our universe to crack the password.
No problem, but consider strengthening it. The following example (again using security.org) shows you how to do this and how much more secure you can be by including capital letters and special characters. Let’s take a word of 8 letters: audience
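The construction steps and the strength comparison described above can be reproduced locally, so the password never has to be pasted into a website. This is an added example, not code from the original page; the guess rate, the 32-symbol pool and the "Audience" / "Aud1ence!" variants are assumptions chosen for illustration.

```python
import math
import re
import string

# Opening lines of the song used on this page.
SONG = ("Twinkle, twinkle, little star, How I wonder what you are! "
        "Up above the world so high, Like a diamond in the sky.")
FINAL = "€Ttl1s2hI3wwyAUAtws4hl5Ad6Its?!"   # finished password from the page
ASSUMED_RATE = 1e10                          # guesses/second, an assumption
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def initials(phrase: str) -> str:
    """Step 2: first letter of every word, lower-cased."""
    return "".join(w[0].lower() for w in re.findall(r"[A-Za-z]+", phrase))


def capitalise(pw: str) -> str:
    """Step 3: upper-case the first character and every vowel."""
    return "".join(c.upper() if i == 0 or c in "aeiou" else c
                   for i, c in enumerate(pw))


def alphabet_size(pw: str) -> int:
    """Smallest character pool an exhaustive search has to cover."""
    size = 26 * any(c.islower() for c in pw)
    size += 26 * any(c.isupper() for c in pw)
    size += 10 * any(c.isdigit() for c in pw)
    # Any other character counts as one of the 32 ASCII symbols
    # (an approximation for non-ASCII characters such as the euro sign).
    size += len(string.punctuation) * any(not c.isalnum() for c in pw)
    return size


def brute_force_bits(pw: str) -> float:
    """log2 of the search space: length * log2(pool size)."""
    return len(pw) * math.log2(alphabet_size(pw))


def years_to_exhaust(pw: str, rate: float = ASSUMED_RATE) -> float:
    """Upper bound only: dictionary words fall to wordlists far sooner."""
    return alphabet_size(pw) ** len(pw) / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    step3 = capitalise(initials(SONG))
    # "Audience" and "Aud1ence!" are constructed variants of the page's word.
    for pw in ("audience", "Audience", "Aud1ence!", step3, FINAL):
        print(f"{pw:34} {brute_force_bits(pw):6.1f} bits "
              f"{years_to_exhaust(pw):.2e} years")
```

Length dominates the result: each extra character multiplies the search space by the pool size, while adding a character class only enlarges the pool once.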
Two-factor authentication is a technique that consists of validating a password with a code sent by SMS or with a security key. Several sites or applications offer this service:
Google Authenticator: Protects access to Gmail, Amazon Web Services and Facebook, for example
Microsoft Authenticator: Secures access to all Microsoft services
Apple Authenticator: Connects Apple devices together in a secure way: Mac, iPhone, iPad, Apple Watch.
Authenticator: Authenticator (available for iOS) is a free and open source authentication application. The app never connects to the Internet and your secret keys never leave your device.
Authy: The Authy app has a great user interface on all platforms and is easy to use on iPhone, Android, desktop and even Apple Watch.
Duo Mobile: The Duo Mobile app (iOS and Android) generates secret codes for logging in even when your device is not connected to the Internet. The application is free.
It is even possible to add a third level of identification using a biometric heart-rate sensor on connected watches or facial recognition on PCs and smartphones.
A password manager is a great tool for generating and storing passwords. A password manager comes in the form of a database in which you can securely store your various logins and passwords. To access it, you will of course have to enter a password, but it will be the only one you need to remember.
Among the most popular password managers we have
Your browser allows you to store your passwords. Google Chrome, for example, offers to save or update your password every time you log in to one of your accounts or online services (email, cloud, website…), which is very practical, especially if you have many accounts.
If you have a password to access your computer, Chrome will ask you for it first, which is why it’s a good idea to have one too.
To enable the password storage feature in Google Chrome, go to “Settings”, then “Autocomplete”, then “Password” and check the options “Offer to save passwords” and “Automatic login”.
Clean up your passwords.
Check your accounts regularly for suspicious activity.
Avoid connecting to public Wi-Fi hotspots; share the 4G connection of your smartphone instead if you want to connect your laptop in a public place.
Change all your passwords regularly.
Don’t use the same password for all your connections.
Differentiate your private and professional passwords.
The password of your main email account should be unique and not used for any other connection.
To find your saved passwords on the Internet, go to the “options” menu of your Internet browser (Mozilla Firefox, Chrome, Safari…) and select, depending on your browser, the “navigation and Internet” or “security” or “auto-fill” or “personal data” tab.
You will find all your saved passwords corresponding to the visited sites.