Authored by a Symantec employee
Passwords are to a hacker like your house keys are to a thief. Think of your passwords as your digital keys. They open the door to your personal digital life, including your networks of friends and colleagues, contacts, photos, videos, emails, and even banking and payment details. This is why you should use strong passwords that can’t be easily hacked instead of weak passwords.
Hackers easily crack weak passwords
Examples of weak passwords are those that feature common words, include your well-known personal information, or are less than eight characters long. Hackers don’t need to expend much effort to crack these types of passwords. Instead, they can use these three techniques to hack your passwords:
- Dictionary attacks. This type of attack relies on programs that cycle through a predetermined list of common words or phrases often used in passwords. To protect your accounts from dictionary attacks, avoid using common words and phrases in your passwords.
- Social media information. Our social media accounts are gold mines of information. Posting photos of your new puppy, Buddy, or displaying the name of your high school may sound harmless. But cybercriminals can use the information you provide to access your accounts. “What is the name of your pet?” and “Which high school did you go to?” are standard security questions your account’s system may ask as part of a password verification process whether it’s you answering or a hacker.
- Password crackers. Programs called password crackers use brute force to break a password by repeatedly trying millions of combinations of characters until the password is cracked. Shorter and less complex passwords are quicker to guess for these types of programs.
7 simple steps to create a hack-proof password
Creating a hack-proof password can be simple once you follow these easy steps to make your passwords strong and complex:
- Never use phone numbers, addresses, birthdays, your SSN, your name, family members’ names, or pets’ names in your password.
- Select a combination of uppercase and lowercase letters, numbers, and symbols for your passwords.
- Never use common passwords like “123456,” “password,” or “qwerty.”
- Make sure your passwords are at least eight characters long. Passwords with more characters and symbols are more difficult to guess.
- Don’t use common words or phrases in your passwords. If you want to use them, alter the word or abbreviate the phrase. For example, if you want to use the word “eleven” you can convert it to “e13v3N.” Or if you want to use the phrase “I love to shop” you can change it to “1luv2sh0p.” Make it even stronger by adding symbols and punctuation: “#1Luv2sh0p!”
- Opt for two-factor authentication (2FA) or multi-factor authentication whenever offered to add an extra layer of protection to your accounts. For example, in addition to logging in with a username and password, you’ll use an additional code received via text to complete your account login.
- Use password management systems, like Norton Identity Safe Password Manager and Generator, to help you create and remember complex passwords.
More ways to protect your password
Now that you have complex passwords, take these easy precautions to further protect them and your accounts.
- Don’t use the same password across different websites.
- Never share your passwords with anyone.
- Change your passwords regularly. Every three months is a good rule of thumb.
How hackers hack passwords
To learn more about how hackers steal passwords, watch this 30-second video.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.