Written by Vyron Kavalinis *
On the web, it is widespread that a website needs the user’s registration to display its content or provide its service or even allow to comment on an article. The registration of the user, and consequently, the account creation requires the use of a username and a password.
The username will need to be unique and no longer linked to the page itself to create the required account while the username and password combination proves the user’s identity and the correct completion give them access to the content of your page. Even in our email, if we want to sign in we will need a username (usually our email address) and a password.
The password is usually a combination of letters, symbols and numbers. The use of strong passwords is necessary to protect the user’s security and identity. An easy password is more likely to be guessed by someone else and therefore has access to our personal data.
Initially, an easy password is short. The bigger the password is, the harder is to be guessed by someone, and the resulting combinations are much more. From researches into millions leaked passwords, it has been revealed that combinations and selections preferred by users are very easy and are in the form “123456”, “password”, “football” and other simple words that we all use in our everyday life, and it is therefore easy for a third person to guess and find.
It is also worth mentioning the fact that a large number of users use the same password on all the pages they need to link. So if someone knows our email or our username then with a single password they can have access to all the pages we have an account, whether this page is our bank’s account or a shop that we are buying or even our own profile on Facebook.
The best way to increase security levels is to create more complex passwords. It is recommended that the password be long, usually over 12 characters, and be sentences that the user can easily remember.
A good way is the use of Online tools, which add words at random and create sentences for their use as passwords or setting up codes in accordance with some options determined by the user. In the text that follows we shall refer to some examples of such tools that you can use.
It is worth mentioning that a password with at least 12 characters can take few centuries for an invader to break it. In the current computer capacities and with the simultaneous use of many of them, this time might not be actual but still is so much to break. For example, according to researches that have been carried out, a supercomputer (having an efficiency as 100 computers at the same time) can break a 10-character password in 3 years.
It is not recommended to use the same password in every web site and application as also to not write down the passwords on simple text files or notebooks.
Moreover, the use of symbols and numbers can really help as the password becomes more complicated and therefore more difficult for a third person to find it.
The use of password generators is a very good solution since the most enable the user to set the parameters of the password and to create one, ready for use. Generators’ use is very helpful as if necessary for a web site to use capital symbols and small will create a more complex password. For example in that case a human would allocate a password “Letmein!123”, while a password generator would allocate “lwIXgHeaWiq”. The second choice is more difficult to find even if it doesn’t include special characters and symbols.
The use of password generators doesn’t require specific and specialised knowledge from the user, while there are many online tools that can be used for the creation of our passwords. We can show you online password generators that you can use:
Strong password generator (https://www.strongpasswordgenerator.com/). It gives the opportunity to define the length of the code and also some options of configuration, like the use of “voice words”. With the use of voice words actually the generator shows the letter and number combination in words so the passwords be more memorable.
Norton Password Generator (https://my.norton.com/extspa/idsafe?path=pwd-gen|). Norton, known in the field of safety has set up an online tool for the creation of passwords. This specific tool gives many options as the choice of the length of the code and the use of capitals, symbols and numbers.
XKpassword (https://xkpasswd.net/s/). XKpassword is probably one of the few, who offer so many options for the creation of the password. A feature differentiating it from the majority of password generators is the selection of provider according to the rules of which the password will be created. Some of these examples are according to the frameworks of AppleID, WiFi etc.
Finally, we would recommend the use of password managers for the storage and the management of your passwords. Password managers are substantially programs, which manage your passwords and store them coded in order to be understood by someone other. Through the use of this programs you just need to know one password and this is your access code to your password manager.
With the use of password managers you don’t have to remember your passwords by heart, as they have addons for every known browser, that when you enter to a web site they immediately recognise through the relevant form and give you the possibility of automatic completing.
Some password managers, also authorise the automatic completion with random passwords when registering and their automatic storage.
Since there is the possibility for somebody to intercept the password from the password manager and therefore to have access to the others, many from password managers provide also extra safeguards in the event of unusual mobility.
One of the most well-known password managers is the LastPass and the 1Password. Both provide the possibility of free use, while upon payment subscription they unlock more options and functions. Both have admins for Chrome, Mozilla, Opera and operate with Windows, Linux and MacOS. It is also noteworthy that if you take notice that your main code has been intercepted you can request for your account to be deleted, while 1Password recognises the device with which you are connecting and if you wish to connect from a new one you have to complete the master password you have been given after your registration to the application automatically.
We shall mention that there have been notified various safety lapses in password managers. Despite all these, each and every company immediately takes all the necessary steps to fill these gaps and increase the safety of their services. Even after of those notifications their use is considered to be more safe than the storage of passwords within a simple file, which will not contain any type of encryption.
Homo Digitalis has no interest in suggesting the above tools. We recommend you use these tools as safe alternatives given the wide variety of such tools. It shall be noted that many of these tools might have as objective to intercept your data. Therefore, we recommend you be very careful when you are using such tools.
* Viron is a graduate from the Department of Informatics Engineering, TEI Crete. He works for a company, which operates in the field of Web hosting and domain names. He deals with the development of web sites and safety. In the past he has undertaken SSL certificates.