Psst … What’s Your Master Password?

All of us like to think we are unique. That thinking extends to our passwords, too, right? We’re unique and distinct, so no one could guess our chosen collection of letters, numbers, and symbols. Well, it’s surprisingly easy for algorithms to determine passwords and do so incredibly quickly. So, a password manager is a smart move, as you’ll have more complex, different passwords stored. Still, your master password for that manager must be 100 percent original.

Sure, your password may be difficult for a human to guess – it would take forever. But, computers can run through the possible combinations in seconds. A password consisting of five characters (three lowercase letters and two numbers) can be hacked in 0.03 seconds.

Add characters, and the volume of possible configurations increases, adding time. A seven-character password (one capital letter, six lowercase letters) will take approximately nine minutes to hack. Things get more complicated at eight characters (four lowercase letters, two special characters, and two numbers). Trying all the possible permutations will take 2.6 days.

That’s a data-driven argument for complex passwords with many letters and numbers. But the problem is that they are so much more difficult to remember, and that’s why it’s a good idea to use a password manager.

The power of a password manager

A password manager offers top-notch encryption to protect passwords. You can use a password manager as a vault for all your passwords. When you want to log in online from your desktop, it can prefill your username and password. Often, there is also an app that allows you to do the same on mobile devices.
Industry-leading password managers also notify you if credentials are weak or get compromised. They may also flag that you are repeating access credentials, which is not good.

Don’t forget your master password

Part of the appeal of a password manager is its zero-knowledge approach. They are set up so that they can’t see your stored passwords. The password is encrypted before it reaches the manager’s server and can’t be deciphered.

This means you have to be careful not to forget your master password. The master password is the one you use to access the password manager. Without it, you’ll have to try to recover your account using several stages of authentication.

Make your master password unique, and don’t use it anywhere else. Repeating passwords, as mentioned above, increases your risk of getting hacked. If the other site is hacked, the bad guys could also try that same password on other sites. It’s low-hanging fruit for them.

The current best practice for passwords is to use a passphrase with a mix of alpha-numeric symbols. This gives you a length of between 20 and 30 characters. You can use uppercase and lowercase letters, numbers, and symbols. Some examples of passphrases include:

  • My_Fave_Person_is_My_Fish_761
  • Mytrip-2-Paris-Was-Magnifique
  • YouRemindMeoftheBabe!!

The passphrase means something to you, so it is more memorable. Yet it isn’t easy for hackers to crack. Also, you’re not using specific personal details that you may reveal on social media (unless you are constantly posting pics of your fish, and its name is 761). 
Protecting your online identity
Here at Hopedale Technologies, we use LastPass to manage our passwords. Want to know more about protecting your online identity? Need help with setting up security procedures for your home computer and network? We are available to help.