Last week I posted the latest Hive Systems report, from the Inside Halton.com news media report, on how long it takes to break a password and the emphasis on keeping your passwords in the green. Though the math is likely impeccable, I’ve seen these tables before and there are significant inconsistencies in the results being reported when it comes to how long it takes to hack a password (never mind Kevin’s video below that makes it seem like a moot point). As I’ll discuss further below, there are other concerns regarding setting up appropriate password guidance, as the baddies continue to have many data breaches to search through and some have password hashes that allow for further infiltration (i.e. the number of cloud service providers blaming the user for weak passwords and taking over their accounts).
OK, let’s get to the basics. By following SIMPLE in creating easy-to-remember passphrases of 15+ characters that include a capital, number and symbol, you avoid being an easy mark. Combine that with multi-factor authentication (MFA) and a password manager (family plans can help spread the cost and allow you to learn from each other), and the results will be like always wearing a seat belt while in a car. Again, nothing is 100% secure, and a car accident can happen regardless of how careful you are, but by following SIMPLE you’ll increase your chances of not being a victim.
With that out of the way, let’s explore some additional facts for consideration as you decide what SIMPLE tacks (whether personal or corporate) you need to keep in mind.
The BLUE REPORT 2025 by Picus Labs “found that password cracking attempts succeeded in 46% of tested environments, nearly doubling the success rate from last year. This sharp increase highlights a fundamental weakness in how organizations are managing – or mismanaging – their password policies. Weak passwords and outdated hashing algorithms continue to leave critical systems vulnerable to attackers using brute-force or rainbow table attacks to crack passwords and gain unauthorized access.”
The takeaway from the Blue Report, though written with organizations in mind, is that having SIMPLE applied consistently, along with MFA and a password manager, will not only be helpful to your staff, but will also encourage an overall security mindfulness that’ll help mitigate the baddies’ attempts to victimize you.
Now for a cold splash of reality, from 6 years ago. Would you be surprised to learn that the late and very influential cyber security expert Kevin Mitnick created a YouTube video titled “How Easy It Is To Crack Your Password”, in which the complicated password qu4dril473r4l12*$ was cracked in 31 seconds?
Granted, Kevin’s advice to use 25-character passwords, though technically right, is not something you encounter that often (and there are many hosts that require your password length be less than 18 characters). That said, Kevin showed, again long before AI became a thing, the need for long password phrases to protect ourselves, as much as one can.
All this to say, just because the threats are out there doesn’t mean we should ignore them. By using SIMPLE password phrasing, along with MFA and a password manager, you’re using a safety belt to minimize the harm when an accident or computer hack comes your way.
P.S. Though we’re making significant efforts toward a passkey / passwordless world, it ain’t quite ready to remove the need for passwords, and as such SIMPLE is still your best avenue to take control of your logins.