How to set up a strong password?

1234, qwerty, iloveyou, dragon

Do you know what these four have in common?

They are commonly used weak passwords in China!

Today, let’s review how to set a strong password.

Tips

Your password should have the following:

  • At least 10 characters, the longer the better!
  • A mix of uppercase, lowercase letters, numbers and special characters.

And it should avoid the following:

  • Using the same password for different sites.
  • Using personal information (name, pet’s name, birthday, city).
  • Using easy patterns: January2023!, February2023!, …

Do not write it down on a post-it, a notebook, or in a text document, and never take a photo of your passwords!

A password is personal; don’t share it!

Most-used passwords to avoid!

123456  /  password  /  123456789

12345  /  12345678  /  qwerty

1234567  /  111111  /  1234567890

123123  /  abc123  /  1234

password1  /  iloveyou  /  1q2w3e4r

000000  /  qwerty123  /  zaq12wsx

dragon  /  sunshine  /  princess

letmein  /  654321  /  monkey27653

qaz2wsx  /  123321  /  qwertyuiop

superman  /  asdfghjkl

If your password is on the list, you should change it immediately!

How to create a strong password

A random password would be impossible to memorize.

Instead, you could use a mnemonic device, for instance by taking the first letter of each word in a sentence.

Let’s make an example together:

The security of my computer is important to protect my data!

By taking the first letters and switching some to numbers, we obtain:

Tsomc7Zi2PmD!

Now, we can check the strength of the password on https://www.passwordmonster.com/

Here, we notice that my password would take 256 million years to be cracked!

However, it takes just 24.61 minutes to crack a typical weak password such as:

Antoine2023!

This password meets all the prerequisites: lower case, upper case, numbers, and symbols. However, it remains weak: it contains my name and the current year, so it is easily guessable.
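The point about Antoine2023! above, shown as an added example (not code from the original article): a small Python checker that applies this article's tips. The function names, the shortened common-password set, and the sample personal words are assumptions made for illustration.

```python
import re

# Subset of the common passwords listed in this article (compared case-insensitively).
COMMON = {"123456", "password", "qwerty", "iloveyou", "dragon", "abc123",
          "letmein", "1q2w3e4r", "zaq12wsx", "sunshine", "superman"}

MONTHS = ("january|february|march|april|may|june|july|august|"
          "september|october|november|december")
# "Easy pattern" from the tips: a month name followed by a four-digit year.
MONTH_YEAR = re.compile(rf"(?:{MONTHS})\W*(?:19|20)\d\d", re.IGNORECASE)


def check_password(password, personal_words=()):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    lowered = password.lower()

    if lowered in COMMON:
        problems.append("on the common-password list")
    if len(password) < 10:
        problems.append("shorter than 10 characters")

    classes = {
        "lowercase letter": any(c.islower() for c in password),
        "uppercase letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(not c.isalnum() for c in password),
    }
    problems += [f"no {name}" for name, present in classes.items() if not present]

    if MONTH_YEAR.search(password):
        problems.append("month + year pattern")
    # Personal information (name, pet's name, birthday, city) is supplied by the caller.
    for word in personal_words:
        if len(word) >= 3 and word.lower() in lowered:
            problems.append(f"contains personal information: {word}")
    return problems


def composition_only(password):
    """Only the length and character-mix rules, as a naive policy would check."""
    return [p for p in check_password(password) if p.startswith(("shorter", "no "))]
```

With the constructed personal words `["Antoine", "Shanghai"]`, `Antoine2023!` passes `composition_only` but is rejected by `check_password`, while `Tsomc7Zi2PmD!` passes both.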

How can I remember my password?

If you’re afraid of forgetting your password, you can use a password manager.

But what is it?

A password manager is a computer program that allows users to store and manage their passwords for local applications or online services such as web applications, online shops, or social media. Password managers can generate passwords and fill online forms. (Wikipedia)

Some of them offer a free version for family usage. However, we recommend using the professional version, which will provide more features to manage your employees as well.

E.g., 1Password, Dashlane, LastPass, Bitwarden

There is also open-source software that does the job well: KeePass and Bitwarden (open source).

If you’re interested in reviewing password manager software, leave a comment below.

At APIS Consulting, we can help you reinforce your IT security practices and cyber security awareness. If you need training, cyber security audits, help strengthening your IT security, and/or outsourcing of your IT security, you can contact us by email at contact@apisconsulting.cn or by adding Antoine on WeChat via the QR code below.


Antoine Pilarczyk founded APIS Consulting in 2021 to help companies in China improve their cybersecurity awareness. He is a certified ISO 27001 Lead Auditor and Lead Implementer.
