**Please Open the Attached PDF**
Demystifying Passwords
5 Password Myths Debunked
How Do Passwords Get Hacked?
Password Managers Explained
Password Myths Debunked
The first use of computer passwords dates back to the early 1960s. Ever since then,
they’ve been a source of debate regarding length, complexity, and effectiveness
(passwords and the ‘60s). Let’s run through common myths about the most primitive
form of information security and try to unscramble a few password basics.
Myth 1:
A strong password can be used across multiple accounts.
The problem with this thinking is that it doesn’t account for data breaches that
expose login credentials. When that happens, criminal hackers will use stolen
usernames and passwords to see if they can access additional accounts via an
automated process called credential stuffing. Always use unique passwords
for every account.
Myth 2:
Complexity trumps length.
You might think a random password like b3t5UD## is sufficient, but feel free
to enter that password into any online password strength tester and learn how
quickly it could be cracked. Length equals strength! Ensure all passwords
are at least 12 to 16 characters long.
Myth 3:
Regularly changing passwords improves security.
Ask five security professionals how often you should change your passwords
and you might get five different answers. While changing passwords occasionally
is never a bad idea, doing it regularly often leads to frustration and the use of
inferior passwords. Here at work, always follow password policies.
Myth 4:
All forms of multi-factor authentication (MFA) are equally secure.
MFA requires a second code before access to an account is granted—a vital
part of security. Unfortunately, most people choose to have codes sent to them
via text message or email—the least secure methods. Wherever possible,
consider alternatives to SMS or email, such as an authenticator app.
Myth 5:
Only highly sophisticated criminal hackers know how to crack passwords.
Sure, if a criminal wants to hack someone’s password, they’ll need a little knowhow.
But password cracking software is readily available, easy to use, and
often free. Many versions can guess thousands of combinations in a matter
of seconds. Never use weak or commonly known passwords, such as
password123.