Website security and creating strong passwords

There has never been a better time to review your passwords. This article has been written by DoodleIT to give you a better understanding of exactly what goes into creating strong passwords and some of the methods used by hackers to compromise them.

Creating a secure password for your website has never been more important

What to consider first when creating strong passwords

Please take the time to read and understand this article, and if you have any questions just call or email us to discuss.

Understanding what’s involved in creating strong passwords is crucial if you are going to try and create them.

There are a lot of ideas out there as to what to do, and it can be confusing, so let’s try to clear this up a little.

The first thing you should consider when creating a password is the length or number of characters you use.

The list below shows the estimated time it takes to crack a password using a 4-core i5 processor.

  • 7 characters will take .29 milliseconds to crack.
  • 8 characters will take 5 hours to crack.
  • 9 characters will take 4 months to crack.
  • 10 characters will take 1 decade to crack.
  • 12 characters will take 2 centuries to crack.

What we recommend when creating strong passwords

If you make your password 12 characters in length and use a mixture of numbers, upper and lower case letters, and a couple of special characters such as ^ or (), you will have created a password that is very difficult to crack.

We recommend using 18 characters.

More powerful computers are being used to compromise your passwords

As computing power increases in general, hackers are also using better and faster computers to try to gain access to your personal information, bank accounts and email accounts.

Don’t be predictable. Even if your password is 12 characters in length, using “123456789123” or “abcdefghijkl” makes it much easier to crack than a mixture of randomised characters, or a mixture of words with special characters inserted in key places.

Never use the same password for different accounts

Using a password manager may be the easiest solution

This cannot be overstated and is vital.

Once a password is breached it becomes part of a list used by hackers. If all your accounts use the same password you are much more vulnerable to being the victim of multiple attacks overnight.

Ultimately, using a password manager to help you in creating strong passwords may be the best option to stay safe online.

Compromised passwords are used to gain access to your data

A data breach is typically a list of usernames, passwords and often other personal data that was exposed when a site was compromised.

Recently, Troy Hunt, creator of the haveibeenpwned API, wrote on his blog about the “Collection #1” data breach. This data breach contained a staggering 1,160,253,228 unique combinations of email addresses and passwords.

Hosting your website with us

If your website is hosted with DoodleIT we will ask you to change your password if you try to use a password that is listed as one which has been breached / hacked before.
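
A breached-password check of the kind described above can be sketched as follows. This is an added example, not DoodleIT's own code: it assumes the haveibeenpwned Pwned Passwords range-lookup format (only the first five characters of the password's SHA-1 hash are sent, and the reply lists matching hash suffixes with counts), and the breach list, counts and function names are constructed for illustration.

```python
import hashlib
from typing import Callable

# Constructed sample data: passwords treated as breached, with made-up counts.
CONSTRUCTED_BREACHED = {"password": 1000, "123456789123": 25, "abcdefghijkl": 7}


def sha1_hex(password: str) -> str:
    """Upper-case SHA-1 hex digest, the form used by the range lookup."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def constructed_range_lookup(prefix: str) -> str:
    """Offline stand-in for the HTTP request (hypothetical helper)."""
    lines = [f"{sha1_hex(pw)[5:]}:{n}" for pw, n in CONSTRUCTED_BREACHED.items()
             if sha1_hex(pw).startswith(prefix)]
    lines.append("0" * 35 + ":0")  # zero-count padding line, never a real hit
    return "\r\n".join(lines)


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Times the password appears in the breach list (0 = not found).

    Only the first 5 hash characters are passed to fetch_range, so the
    password and its full hash never leave this process.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.isdigit():
            return int(count)  # padding lines carry 0, i.e. "not breached"
    return 0


def check_new_password(password: str, fetch_range=constructed_range_lookup):
    """Return (accepted, message) for a password a user is trying to set."""
    seen = breach_count(password, fetch_range)
    if seen > 0:
        return False, f"This password appears in {seen} breach records; choose another."
    return True, "Password not found in the breach list."


if __name__ == "__main__":
    for pw in ("123456789123", "T7^qm(Rz)4wLx!9cVbe2"):
        print(pw, check_new_password(pw))
```

On a live site the fetch_range argument would be a function that makes the HTTPS request for the five-character prefix; everything else stays the same.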

DoodleIT take security very seriously. We understand that nothing can be 100% safe online but at the same time we understand that there is much that we can do to make things more secure. Let’s take responsibility for our data and do everything we can to keep our personal information as secure as possible.

About DoodleIT

DoodleIT are website designers and developers based in Ruthin, Denbighshire. We have been providing web design in North Wales since 2003. We provide ongoing support via phone and email for the times when you need help or just someone to talk to about an idea.