Website security and creating strong passwords

There has never been a better time to review your passwords. This article has been written by DoodleIT to give you a better understanding of exactly what goes into creating strong passwords and some of the methods used by hackers to compromise them.

Website security and creating strong passwords
Creating a secure password for your website has never been more important

What to consider first when creating strong passwords

Please take the time to read and understand and if you have any questions just call or email to discuss.

Understanding what’s involved in creating strong passwords is crucial if you are going to try and create them.

There are a lot of ideas out there as to what to do and it can be confusing so let’s try and clear this up a little.

The first thing you should consider when creating a password is the length or number of characters you use.

The list below shows the estimated time it takes to crack a password using a 4-core i5 processor.

  • 7 characters will take .29 milliseconds to crack.
  • 8 characters will take 5 hours to crack.
  • 9 characters will take 4 months to crack.
  • 10 characters will take 1 decade to crack
  • 12 characters will take 2 centuries to crack.

For this reason, hackers tend to focus on 5 and 7 character passwords.

What we recommend when creating strong passwords

If you make your password 20 characters or more in length and use a mixture of numbers, upper and lower case letters and a couple of special characters like ^ or () etc., you will have created a password that is very difficult to crack.

We recommend using an absolute minimum of 18 characters and a mixture of upper and lower case as well as numbers and special characters. We also recommend using a password manager such as Nordpass. This allows access to all your phones, tablets and desktops.

More powerful computers are being used to compromise your passwords

As computing power increases in general hackers are also using better and faster computers to try and gain access to your personal information, bank accounts and email accounts.

Don’t be predictable. Even though your password maybe 12 characters in length if you use “123456789123” or “abcdefghijkl” it will make it much easier to crack than a mixture of randomised characters or a mixture of words and special characters inserted in key places.

Never use the same password for all your accounts

Using a password manager may be the easiest solution

This cannot be overstated enough and is vital.

Once a password is breached it becomes part of a list used by hackers. If all your accounts use the same password you are much more vulnerable to being the victim of multiple attacks overnight.

Ultimately, using a password manager to help create strong passwords may be the best option to stay safe online.

Compromised passwords are used to gain access to your data

A data breach is typically a list of usernames, passwords and often other personal data that was exposed when a site was compromised.

Recently, Troy Hunt, creator of the haveibeenpwned API, reported on his blog about the “Collection #1” Data Breach. This data breach contained a staggering 1,160,253,228 unique combinations of email addresses and passwords.

Hosting your website with us

If your website is hosted with DoodleIT we will ask you to change your password if you try to use a password that is listed as one which has been breached/hacked before.

DoodleIT takes security very seriously. We understand that nothing can be 100% safe online but at the same time, we understand that there is much that we can do to make things more secure. Let’s take responsibility for our data and do everything we can to keep our personal information as secure as possible.

About DoodleIT

DoodleIT is based in Ruthin, Denbighshire. We have been providing web design North Wales since 2003. We provide ongoing support via phone and email for the times when you need help or just someone to talk to about an idea.