{"id":8795,"date":"2013-10-09T09:27:52","date_gmt":"2013-10-09T08:27:52","guid":{"rendered":"http:\/\/okodigital.wpengine.com\/?p=78"},"modified":"2013-10-09T09:27:52","modified_gmt":"2013-10-09T08:27:52","slug":"password-security-human-beings","status":"publish","type":"post","link":"https:\/\/cool.co\/supply-side-platform-home\/password-security-human-beings\/","title":{"rendered":"Password security for human beings"},"content":{"rendered":"<p>It\u2019s a curse of the modern world that so much of our lives are secured by passwords. If you use the same one for everything, or switch between a few tried and tested favourites, then you don\u2019t really have much in the way of security at all.\u00a0 If you are an online business then you are a bigger target than most \u2013 it is therefore vital to practice safe passwording.<\/p>\n<h2>Common password mistakes<\/h2>\n<p>The most common mistakes we see with passwords are:<\/p>\n<h3>Using words as passwords<\/h3>\n<p>Just because they are called passwords doesn\u2019t mean they should contain words. A particularly common way to crack passwords is to launch a dictionary attack \u2013 literally trying all the words in the dictionary (and combinations of them). This is an incredibly efficient way to hack the majority of password combinations.<\/p>\n<h3>Substituting numbers for letters<\/h3>\n<p>Switching letters for numbers (such as changing <em>password<\/em> to <em>pa55wo7d<\/em>) might make a password appear more secure \u2013 it might even help you bypass an annoying form that requires a more robust password.\u00a0 It doesn\u2019t, though, add much in the way of security. Programmes created to launch dictionary attacks also try letter\/number substitutions.<\/p>\n<h3>Re-using passwords<\/h3>\n<p>When you use the same password more than once your security is only as strong as the weakest service you use. 
When sites are cracked and user passwords exposed, hackers will then try those passwords on other common sites to see if those details have been used elsewhere. The lists are also often made public, meaning that your login details, for a variety of services, may be circulating on the internet.<\/p>\n<p>Painful though it sounds, you should only use each password once.<\/p>\n<h2>Hard to crack doesn\u2019t have to mean hard to remember<\/h2>\n<p>We have all been taught to think that passwords like resTeThu?7Ru\u00a0 or P3As*qUg are the ideal: long strings of difficult to guess and difficult to remember random characters.\u00a0 These are pretty tough to crack, but the fact they are hard to remember renders them close to useless as \u2018use once\u2019 passwords \u2013 unless you are storing them for look-up.<\/p>\n<h2>Software to the rescue?<\/h2>\n<p>Systems such as LastPass and Keepass offer ways to generate passwords and have them available whenever you need them.\u00a0 This solution is convenient and ensures you have the strongest one-use passwords. You are reliant on the security of both the service itself and the master password that you use to protect your login store.<\/p>\n<p>Such systems work particularly well when groups of people need access to passwords. In fact, we employ something similar here at OKO.<\/p>\n<h2>Have a system<\/h2>\n<p>An alternative approach is to have a system for coming up with tough-to-crack passwords that are not hard for you to remember. Here is just one example of something that might work for you.<\/p>\n<p>Pick a sentence that you will remember, or maybe a line from a song. Use the initial letters from that line to make the password. This can provide you with long passwords that are incredibly easy to remember. For instance, Led Zeppelin fans might find talwkatgigasbasth easy to recall, or maybe iwlaactfohovah \u2013 if Wordsworth is more your thing. 
This works just as well with jokes, book titles or quotes, film names and scene dialogue or in fact any sentence that is memorable to you.<\/p>\n<p>As far as password strength goes, those are pretty good passwords. The length of the \u2018string\u2019 makes it tougher to crack by brute force. For pure password strength, the initials from the first line of Stairway to Heaven are CONSIDERABLY more secure than the tougher-looking P3As*qUg.<\/p>\n<p>P3As*qUg is part of a pattern with 608 billion passwords (608,000,000,000)<br \/>\ntalwkatgigasbasth\u00a0 is part of a pattern containing 127 sextillion passwords (127,000,000,000,000,000,000,000)<\/p>\n<p>Problem solved then? Well, not quite. There are three issues with this type of password.<\/p>\n<h3>Someone could create a whole new dictionary<\/h3>\n<p>If everyone started using the first line of their favourite song or poem, then it wouldn\u2019t take long for someone to create a new dictionary of those initials. Picking a random line that you like makes it much harder, but there is still an inherent problem there as well.<\/p>\n<h3>Such passwords will often be rejected<\/h3>\n<p>When you provide a password you often have to comply with whatever arbitrary rules the website or service requires. We\u2019ve all been annoyed by messages requiring that \u2018all passwords must contain at least two letters, one number, one special character and a funny squiggly line that appears above the # key\u2019. Despite the fact such restrictions make passwords considerably LESS secure, we have no choice but to follow such directions.<\/p>\n<h3>You still need to remember a lot of passwords<\/h3>\n<p>As mentioned before, passwords should ideally be unique to each service and this method doesn\u2019t help you remember which song to use and when.<\/p>\n<h2>Getting past the password police<\/h2>\n<p>Pick a letter, a number and a special character \u2013 mine are h7&amp;. Add those to your password, putting the letter in upper case. 
Those three characters are not particularly secure, but if you are relying on password length as security then that is not a problem. They should be enough to get you past most restrictive password systems.<\/p>\n<p>In this case, my \u2018Stairway\u2019 password has just become <strong>H7&amp;<\/strong>talwkatgigasbasth.<\/p>\n<h2>Making passwords unique<\/h2>\n<p>If you add something to each password relating to where you use it, then you can make your new secure password mobile without compromise.\u00a0 For example, I might choose to use the second and fourth letter of the service\u2019s name and add that to the front.<\/p>\n<p>When I log into my Amazon account I might use <strong>ma<\/strong>H7&amp;talwkatgigasbasth but when I log into my Google profile it could be <strong>og<\/strong>H7&amp;talwkatgigasbasth.<\/p>\n<p>That system itself isn\u2019t so secure if anyone knows it. However, you\u2019d need to either tell someone or they\u2019d need to have access to at least two of your passwords before they could apply it to a third login.<\/p>\n<h2>Protecting against expanded dictionary attacks<\/h2>\n<p>Using the above steps you also protect against someone adding lines from books\/films\/songs (and whatever else they choose) to their dictionary.<\/p>\n<h2>Wrapping it up<\/h2>\n<p>Systems like the one explained are not perfect. In my experience, though, they result in considerably more secure passwords than the vast majority of people are using. There are lots of ways you can vary this approach, but the core idea is the same:<\/p>\n<p>Stop remembering bad passwords and instead learn a system to create good ones you can\u2019t forget.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>It\u2019s a curse of the modern world that so much of our lives are secured by passwords. 
If you use the same one for<\/p>\n","protected":false},"author":1,"featured_media":9153,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[],"class_list":["post-8795","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tips"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Password security for human beings | Supply-Side Platform | COOL Media (formerly OKO Digital)<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cool.co\/supply-side-platform-home\/password-security-human-beings\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Password security for human beings | Supply-Side Platform | COOL Media (formerly OKO Digital)\" \/>\n<meta property=\"og:description\" content=\"It\u2019s a curse of the modern world that so much of our lives are secured by passwords. 
If you use the same one for\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cool.co\/supply-side-platform-home\/password-security-human-beings\/\" \/>\n<meta property=\"og:site_name\" content=\"Supply-Side Platform\" \/>\n<meta property=\"article:published_time\" content=\"2013-10-09T08:27:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cool.co\/supply-side-platform-home\/wp-content\/uploads\/sites\/4\/2013\/10\/header-36.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"pavlo.shyian@sigma.software\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pavlo.shyian@sigma.software\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/\"},\"author\":{\"name\":\"pavlo.shyian@sigma.software\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/#\\\/schema\\\/person\\\/560f05b9e421019c8159b150285a5517\"},\"headline\":\"Password security for human 
beings\",\"datePublished\":\"2013-10-09T08:27:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/\"},\"wordCount\":1096,\"image\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/wp-content\\\/uploads\\\/sites\\\/4\\\/2013\\\/10\\\/header-36.jpg\",\"articleSection\":[\"Tips\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/\",\"url\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/\",\"name\":\"Password security for human beings | Supply-Side Platform | COOL Media (formerly OKO Digital)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/wp-content\\\/uploads\\\/sites\\\/4\\\/2013\\\/10\\\/header-36.jpg\",\"datePublished\":\"2013-10-09T08:27:52+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/#\\\/schema\\\/person\\\/560f05b9e421019c8159b150285a5517\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#p
rimaryimage\",\"url\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/wp-content\\\/uploads\\\/sites\\\/4\\\/2013\\\/10\\\/header-36.jpg\",\"contentUrl\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/wp-content\\\/uploads\\\/sites\\\/4\\\/2013\\\/10\\\/header-36.jpg\",\"width\":1920,\"height\":640},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/password-security-human-beings\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Password security for human beings\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/#website\",\"url\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/\",\"name\":\"Supply-Side Platform\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/#\\\/schema\\\/person\\\/560f05b9e421019c8159b150285a5517\",\"name\":\"pavlo.shyian@sigma.software\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/915b509c0ee970a486962d4bc9f102ea4ebf29ea9fa4fc5ca6f12ac21b5cf3e9?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/915b509c0ee970a486962d4bc9f102ea4ebf29ea9fa4fc5ca6f12ac21b5cf3e9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/915b509c0ee970a486962d4bc9f102ea4ebf29ea9fa4fc5ca6f12ac21b5cf3e9?s=96&d=mm&r=g\",\"caption\":\"pavlo.shyian@sigma.software\"},\"sameAs\":[\"https:\\\/\\\/cool.co\
"],\"url\":\"https:\\\/\\\/cool.co\\\/supply-side-platform-home\\\/author\\\/pavlo-shyiansigma-software\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Password security for human beings | Supply-Side Platform | COOL Media (formerly OKO Digital)","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cool.co\/supply-side-platform-home\/password-security-human-beings\/","og_locale":"en_US","og_type":"article","og_title":"Password security for human beings | Supply-Side Platform | COOL Media (formerly OKO Digital)","og_description":"It\u2019s a curse of the modern world that so much of our lives are secured by passwords. If you use the same one for","og_url":"https:\/\/cool.co\/supply-side-platform-home\/password-security-human-beings\/","og_site_name":"Supply-Side Platform","article_published_time":"2013-10-09T08:27:52+00:00","og_image":[{"width":1920,"height":640,"url":"https:\/\/cool.co\/supply-side-platform-home\/wp-content\/uploads\/sites\/4\/2013\/10\/header-36.jpg","type":"image\/jpeg"}],"author":"pavlo.shyian@sigma.software","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pavlo.shyian@sigma.software","Est. 
reading time":"5 minutes"}},"_links":{"self":[{"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/posts\/8795","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/comments?post=8795"}],"version-history":[{"count":0,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/posts\/8795\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/media\/9153"}],"wp:attachment":[{"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/media?parent
=8795"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/categories?post=8795"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cool.co\/supply-side-platform-home\/wp-json\/wp\/v2\/tags?post=8795"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}