Senior Lecturer, Cyber Security, Deakin University
Use the same password for most of your online accounts? Or always choose simple passwords like your date of birth or pet’s name? Then this one’s for you.
As more and more of us are required to work remotely from home due to the ongoing pandemic, we are spending far more time using the internet to work, video conference, shop, bank and stream Netflix. As such, the risk of falling victim to cybercrime – which involves using computers and the internet to break the law – is growing every day. Worryingly, almost $2.5 million has been reported lost in coronavirus-related scams alone.
One of the easiest and most effective ways to protect yourself from cybercrime is by boosting your password strength. In fact, Dr Amani Ibrahim, a senior lecturer in cyber security at Deakin University, says passwords are the first line of defence when it comes to protecting your personal information.
‘The risk of accounts being compromised is very high, and if someone has access to your accounts it means they can do whatever they want, including steal money and steal your credentials,’ she says. ‘Having strong passwords significantly reduces the chances of your accounts being compromised.’
If your password is captured, guessed or stolen, an attacker can potentially send emails from your accounts, withdraw money from your bank accounts, change files on your computer or even steal your identity, reports the Australian Cyber Security Centre.
More than eight billion accounts and half a billion passwords have been exposed in data breaches around the world. These breaches are made easier by automated software that can potentially guess 350 billion passwords per second. Yes, per second.
It’s no wonder demand for cybercrime specialists is stronger than ever and that some of the most important qualities of this workforce are resilience and creative thinking.
If your password strength is poor, it makes it a lot easier for cyber criminals to figure out your passwords. Research shows 80% of hacking-related data breaches involve weak or stolen passwords.
The two most common errors are passwords that are short (fewer than 10 characters) or weak (too simple). There are no prizes for guessing the most hacked password: ‘123456’, closely followed by ‘123456789’, ‘qwerty’ and ‘password’.
And it’s probably not surprising to learn that re-using passwords across sites means a potential breach could be a lot more serious. ‘If one account is compromised and you have the same password across other accounts, the hackers will be able to compromise the other accounts,’ Dr Ibrahim says.
'Having strong passwords significantly reduces the chances of your accounts being compromised.' Dr Amani Ibrahim, School of Information Technology, Deakin University
The most important thing to remember about good passwords is the longer they are, the stronger they are.
Dr Ibrahim says passwords should be at least 10 characters long. ‘It’s not the complexity of the password – it’s the length of the password,’ she says. ‘Hackers use a lot of different tools to compromise passwords, and what makes this easier is the length of the password, not the complexity. Making passwords as long as possible makes it almost impossible for hackers to break in.’
Avoid including repeated characters, arbitrarily mixed numbers, letters and symbols, single dictionary words, personal information – like your street address or mother’s maiden name – or anything you’ve used in a previous password.
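The length-over-complexity point and the list of things to avoid, worked through as an added example (not code from the article or from Deakin). The 350 billion guesses per second, the 10-character minimum and the four most-hacked passwords come from the article; the function names, the three-in-a-row rule for repeated characters and the sample passwords are assumptions constructed here.

```python
GUESSES_PER_SECOND = 350e9   # guessing rate quoted in the article
MIN_LENGTH = 10              # minimum length recommended in the article
MOST_HACKED = {"123456", "123456789", "qwerty", "password"}  # named in the article
SECONDS_PER_YEAR = 365 * 24 * 3600


def years_to_exhaust(length, alphabet_size, rate=GUESSES_PER_SECOND):
    """Worst-case years to try every string of `length` over the alphabet.

    This is an upper bound: a password found in a wordlist falls far sooner.
    """
    return alphabet_size ** length / rate / SECONDS_PER_YEAR


def check_password(candidate, personal_info=(), previous=(), dictionary=()):
    """Return the reasons `candidate` breaks the guidance (empty list = passes)."""
    lowered = candidate.lower()
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    if lowered in MOST_HACKED:
        problems.append("on the most-hacked list")
    if lowered in {word.lower() for word in dictionary}:
        problems.append("single dictionary word")
    # Assumption: "repeated characters" means three identical in a row.
    if any(a == b == c for a, b, c in zip(candidate, candidate[1:], candidate[2:])):
        problems.append("repeated characters")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    # Assumption: caller supplies earlier passwords; a service would compare hashes.
    if candidate in previous:
        problems.append("reused from a previous password")
    return problems


if __name__ == "__main__":
    # Complexity vs length at the article's guessing rate.
    print(f"8 chars, 94 symbols : {years_to_exhaust(8, 94) * 365 * 24:.1f} hours")
    print(f"16 chars, 26 letters: {years_to_exhaust(16, 26):,.0f} years")
    # Constructed sample passwords; "Fluffy" stands in for a pet's name.
    for pw in ("123456", "fluffy2015rocks", "purple kettle orbit lantern"):
        print(repr(pw), check_password(pw, personal_info=("Fluffy",)))
```

At that rate an 8-character password drawn from all 94 printable symbols is exhausted in under five hours, while 16 lowercase letters take roughly 3,950 years, which is the arithmetic behind preferring length.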
And if you’re given the option of two-factor authentication, take it. This is when there are two checks in place to prove your identity, such as a one-time code sent to your phone as well as your password. ‘Two-factor authentication makes it harder for your account to be compromised,’ Dr Ibrahim says.
Don’t worry, you’re not expected to remember or even create these uber-long passwords.
Instead, Dr Ibrahim recommends using a password manager like LastPass, which requires you to remember only one master password while it generates and stores your other passwords. Even better, many password managers will sync across your devices.