Why you need a secure password

A strong password is essential for preventing others from gaining unauthorised access to your account or device. The stronger the password the more difficult it will be for a hacker to crack.

But how do hackers crack passwords? Below are few of the main ways a hacker can guess a password and gain access to someone’s account. I hope to demonstrate why it is so important to make sure your passwords are strong (believe me, when I first learnt about all these techniques, I went through changing all my passwords!) 

Social engineering

A lot of people use things like their birthday, the name of a family member, or something else that is significant to them to them to set their password. Often people take this approach as it makes it easier to remember your password, however it can also leave you more vulnerable to someone else being able to easily guess your password if they know a few things about you.

You might have seen the news about Trump’s Twitter getting hacked after a Dutch researcher guessed his password was ‘maga2020!’. It is worth noting that Twitter have said they have not found evidence of this, but whether it is true it helps to highlight how people can use information about you to get access to your accounts.  

Another example of this happening can be seen in the popular show, Mr Robot, where the main character by day works for an IT security company, and by night is a “grey-hat” hacker targeting people who might otherwise escape law enforcement. In the show he can often be seen stalking his target’s social media accounts and online profiles to find things such as their date-of-birth or information about their relatives to find things he can use to guess their passwords. In the first episode, he manages to login to his therapist’s boyfriend’s email by finding out who his favourite sports teams are and what his dog’s name is. Armed with these two pieces of information, he was able to access his email, and then use similar variations to gain access to other aspects of his life. 

Therefore, is it extremely important to have a password that cannot be easily guessed – so if your password contains something like your pet or girlfriend’s name, I recommend you consider changing it.  

Brute Force

A brute force attack is when someone tries to guess your password using a program that can go through multiple iterations of passwords at a time, starting with ‘a’ to ‘z’ and everything in between. This method will take longer depending on the number of characters in your password. If your password is all lower-case or a single word, then programs like this can guess your password within seconds. If you have a password with a number or a few numbers, it will help strengthen your password, as will using symbols.  

Where you place the numbers and symbols can also make a difference. One of the most common types of passwords are “Word Date Symbol” i.e., Apple1998* – This would still show on the website I refer to below as being secure and would take 5 years to crack. But it contains commonly known phrases and would be easier to crack by someone who really wanted to get into your account/computer. 

There is a useful website which I often use to help see how secure my passwords really are.

If we check this website and type in the word “pineapple” it shows that this can be guessed in just 2 minutes! However, pineapple with capitals “PineApple” would take 9 hours. Then, if I replace PineApple with P1n3Appl3 (1=i & 3=e) it takes 3 days. Then if you add a symbol it takes 5 years. Now the problem here is that the password itself is a common word i.e., it can be found in the dictionary. Which leads me on to… 

Dictionary attack

A dictionary attack can be done in two ways: 

1.  A program that would literally go through the dictionary, from Aardvark to Zebra. 

2.  A program that has a list of known existing passwords i.e., a dictionary of passwords that might have come from a website which has been compromised.  

The first option, going from Aardvark to Zebra, may take a while, but you would be surprised about how many people still use these kinds of simple passwords. If your password is just one word, I would strongly recommend changing it now! 

The second option is a known list of used passwords. Some of you may remember back in May 2016 that LinkedIn was attacked and had over 100 million passwords taken and sold on the dark web. 

Attackers would download/buy this file of leaked passwords and see where else those passwords work. They would have a target email address and use a program to go through the file and try the passwords listed in it. Therefore, it is very important to have a different password for each account on the internet.  This is because you never know what site is going to be compromised or forgotten about – make it a habit to use strong and unique passwords every time.

It might be worth checking this site to see if any of your accounts have already been compromised. Enter your email address and find out. If it has, change your passwords and check out my next blog post where I am going to go through some simple tips for making you password more secure.  

If you would like to talk about password best practice drop me a line at fru@macnamara-ict.co.uk – Though, please do not share your actual passwords with me 🙂

Like this article?

Share on twitter
Share on Twitter
Share on linkedin
Share on LinkedIn
Share on email
Share by Email

Subscribe to our monthly newsletter

Get the best IT tips and Office ideas in your inbox

Further reading

How to make a secure password

It can be hard to think of a password that you can remember when you need it, let alone multiple passwords and variations. What can make this is easier is using a methodology or naming convention for your passwords.

Read More »

Teams or Zoom?

Both applications do the job of video conferencing well, and they’re not the only ones (e.g. Google Meet, Starleaf, Webex). But what’s the real difference, and when should you use one over the other?

Read More »

Want to hear what customers have to say?

Watch out customer story videos and find out today...

Cookie Notice

This website uses cookies to ensure you get the best experience on our website. Learn More.

Scroll to Top

Subscribe to our monthly newsletter.
Get the best IT tips and Office ideas in your inbox.

We promise to keep your information safe. Unsubscribe at any time. Read our privacy policy.

Get the Ebook

"Five High-Value Business Initiatives That’ll Provide Massive Impact and Help You Get Noticed at Work"

Get this empowering Ebook in your inbox — when you subscribe to the Macnamara Newsletter. What’s in the Newsletter? Insightful articles, invites to exclusive events, powerful ideas, free training resources. Don’t miss out – subscribe today.

We promise to keep your information safe. Unsubscribe at any time. Read our privacy policy.

Get the Ebook

"Five Ideas That'll Help you Tame Unruly Systems and Team Members"

Get this empowering Ebook in your inbox — when you subscribe to the Macnamara Newsletter. What’s in the Newsletter? Insightful articles, invites to exclusive events, powerful ideas, free training resources. Don’t miss out – subscribe today.

We promise to keep your information safe. Unsubscribe at any time. Read our privacy policy.

Get the Ebook

"Five Powerful Ideas That’ll Take Your Personal and Business Development to the Next Level"

Are you an Office Manager who’s looking for next-level ideas? You need to read this Ebook — you’ll get it for free when you subscribe to the Macnamara Newsletter. What’s in the Newsletter? helpful articles, invites to events, powerful ideas, free training resources. Don’t miss out – subscribe today.

We promise to keep your information safe. Unsubscribe at any time. Read our privacy policy.

Get the Ebook

"Your Ultimate Guide To Office Delegation"

Get this empowering Ebook in your inbox — when you subscribe to the Macnamara Newsletter. What’s in the Newsletter? Insightful articles, invites to exclusive events, powerful ideas, free training resources. Don’t miss out – subscribe today.

We promise to keep your information safe. Unsubscribe at any time. Read our privacy policy.