In 2021 will you be a Cybercrime target of my Grandma?

Ask yourself these three questions:

1. Do I use three passwords or fewer for my online accounts?

2. Do I add a single random character (an extra number or a letter) to my usual passwords to create additional passwords?

3. Do I use personal data such as a date of birth or names of my close relatives in passwords?

If you answered yes to any of these - then, my friend, my grandma could break into your online accounts and you need to know that YOU are the weakest link in your online security.

But you are not alone! Did you know that 65% of users use the same single password everywhere?

The most common passwords in 2016 were: 123456 or 123456789, qwerty, 12345678 and 111111.

Four years on and not much has changed! In fact, the five passwords above are still in the top 10, as Nordpass reports in its annual list of the most used passwords online!

Look for yourself: https://nordpass.com/most-common-passwords-list/

All these passwords are scarily easy to guess and recreate. What is more, they would take my dear old granny less than 20 seconds to crack!

THE TOP 20 MOST COMMON PASSWORDS OF 2020:

  1. 123456

  2. 123456789

  3. picture1

  4. password

  5. 12345678

  6. 111111

  7. 123123

  8. 12345

  9. 1234567890

  10. senha

  11. 1234567

  12. qwerty

  13. abc123

  14. Million2

  15. 000000

  16. 1234

  17. iloveyou

  18. aaron431

  19. password1

  20. qqww1122

Did your password make the list of shame? If so, it may be time to do some serious updating, or risk kissing your internet security goodbye.
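A self-audit covering the three questions at the top of this article and the top 20 list above. This is an added example, not code from the original article; the function names, the sample accounts and the sample personal details are constructed for illustration, and question 1 is treated as "is the same password used on more than one account".

```python
from collections import Counter

# Top 20 of 2020, as listed on this page (compared case-insensitively).
COMMON = {p.lower() for p in (
    "123456 123456789 picture1 password 12345678 111111 123123 12345 "
    "1234567890 senha 1234567 qwerty abc123 Million2 000000 1234 iloveyou "
    "aaron431 password1 qqww1122").split()}

# Constructed sample data: account -> password, plus personal details.
SAMPLE_ACCOUNTS = {
    "email": "Rover1985", "shop": "Rover1985", "bank": "Rover1985!",
    "forum": "iloveyou", "vault": "t9#Lq2v!Xe7@pWz4",
}
SAMPLE_PERSONAL = ["Rover", "1985"]


def one_char_apart(a, b):
    """True if b is a with one character added, removed or replaced."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]   # one replaced character
    return a[i:] == b[i + 1:]           # one extra character in b


def audit(accounts, personal):
    """Return {account: [findings]} for the hygiene questions above."""
    counts = Counter(accounts.values())
    findings = {}
    for name, pw in accounts.items():
        found = []
        if pw.lower() in COMMON:
            found.append("common")      # on the top 20 list
        if counts[pw] > 1:
            found.append("reused")      # question 1: same password elsewhere
        if any(one_char_apart(pw, other) for other in counts):
            found.append("variant")     # question 2: one character away
        if any(len(t) >= 3 and t.lower() in pw.lower() for t in personal):
            found.append("personal")    # question 3: contains personal data
        findings[name] = found
    return findings


if __name__ == "__main__":
    for account, found in audit(SAMPLE_ACCOUNTS, SAMPLE_PERSONAL).items():
        print(f"{account:6} {', '.join(found) or 'ok'}")
```

Run it only on a device you trust, since it handles passwords in plain text.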

10,000 of the most common passwords can access 98% of all online accounts! Let me spell that out to you… NINETY-EIGHT PERCENT. Do not let yours be one of them.

Hackers have been collecting and publishing compromised credentials on the ‘dark web’ (a sub-internet) for years. Ever had a LinkedIn account? Or shopped at Target? eBay? Apple? Been on a Government website?

If you have an online presence at all, believe me, your credentials are out there somewhere. Google your own name; it is scary what you may find!

So, let us get back to my grandma for a moment. If she is devious and wants to break into your Gmail, Facebook, Online Banking or PayPal account, her first port of call would be to simply look you up in one of those shared databases holding billions of personal credentials.

Once she has found you, and if you are still using the same password or a simple variant – then game over! My grandmother has you and she has your banking and all other details!

It is a shame, but the reality is that a LOT of businesses have been breached or have accidentally published customer credentials. To name just a few over the last few years: Yahoo, Facebook, Gmail, 7-Eleven, eBay, Adobe, Sony, Target, Apple, the NHS in England, even our own state and federal governments (on more than 5 occasions in the last year!).

Do you have personal information sitting with them?

Many data breaches are not known or publicised and your credentials will be exposed without you being aware.

If dear old granny is unlucky searching the dark web for your credentials, then she can do a patience exercise: start trying each of the 10,000 most common passwords. Remember those 10,000 passwords access 98% of all online accounts! Of course, the more sophisticated grandmas out there (not mine – but she is getting better) would automate this process – AKA Hacking whilst they are sleeping!

We need to accept that organisations with our data and credentials will continue to do dumb things, like getting hacked!

In this brave new world, what can you do to protect your other online accounts?

Firstly – never share your credentials and only enter them using secure devices and internet connections you trust.

Secondly – enable multi-factor authentication wherever possible, e.g., a password and then a second password sent to your phone via SMS.

Always choose security over convenience in those accounts that are most important.

Thirdly – use good and different passwords in each of your hundreds of online accounts.

A good password looks like this:

“E7Qf21yb$*a8WY&l!%*b*qPHYckMI3Xnq@EM5@Zo7Yg50MD%s95wc*5T&ED%7Ay31^3ujGLK@yE9ok#QSaMxWw!$KP5oHNXj3#o”

How can a normal human being memorise one of these passwords, let alone hundreds of different passwords for our growing number of online accounts?

Let us look at how long it takes for a hacker to crack a password using specialised tools.

[Image: Picture1.jpg]

The warning on the above is that these are simple lower case alphabetic passwords. Add in some complexity and this changes dramatically, e.g.:

[Image: Picture2.jpg]

Add in a distinctive character and a mix of Alpha and Numeric characters and security increases again!

[Image: Picture3.jpg]

What else can we do, Matt? Why can’t I just remember one password and never need to remember another?

One answer is to use a ‘password manager’ that will generate and store these random passwords for you. Reputable services include 1Password and LastPass, to name a few of the myriad password management products in the marketplace. You might even find your AV and firewall software subscriptions have one built in. Better still, many of these services sync between your devices, so you only need to remember one password across your laptop, smartphone, tablet, etc.
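How length and character mix change the brute-force search space discussed above, and how a random password of the kind a password manager produces can be generated. This is an added example, not code from the original article or from any password manager; the guess rate of 10 billion per second and all function names are assumptions for illustration.

```python
import math
import secrets
import string

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ASSUMED_GUESSES_PER_SECOND = 1e10   # assumption, not a measured figure


def alphabet_size(password):
    """Combined size of the character classes the password draws from."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    if size == 0:
        raise ValueError("password has no characters from the known classes")
    return size


def search_space_bits(password):
    """log2 of the number of candidates an exhaustive search must cover."""
    return len(password) * math.log2(alphabet_size(password))


def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to try every candidate of this length and character mix.

    Only meaningful for randomly generated passwords: 'password1' scores
    36**9 here, yet it is on the common list and falls to the first guesses.
    """
    try:
        return alphabet_size(password) ** len(password) / rate
    except OverflowError:
        return math.inf


def generate(length=20):
    """Random password from the OS CSPRNG, containing all four classes."""
    if length < len(CLASSES):
        raise ValueError("length too short to include every class")
    alphabet = "".join(CLASSES)
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in c for ch in pw) for c in CLASSES):
            return pw


if __name__ == "__main__":
    for pw in ("abcdefgh", "Abcdefg1", "Abcdef1!", generate()):
        print(f"{len(pw):3} chars  {search_space_bits(pw):6.1f} bits  "
              f"{worst_case_seconds(pw):.3g} s")
```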

Can these password management services sustain a breach as well? It is possible but not likely and not by my crafty grandmother!

In any case this type of data is not likely to be readable due to strong end-to-end encryption (a subject for another article).

Still not sure? Well, another choice is to write them down in a book (yes, that paper stuff we are all trying to get rid of in our offices) and store it in a secure location that only you know about. But then you constantly have to refer to it and find it, and you run the risk of losing it!

I did say it is a choice but not necessarily a desirable choice!

Although no one is 100% safe in our evolving cybersecurity world, by following these simple security practices you can make your online accounts infinitely more secure than the average person. Not being an easy target for my grandmother goes a long way!

If you would like to know more or test your passwords to see how long they could take to be cracked, please visit https://www.betterbuys.com/estimating-password-cracking-times/

And remember my evil Granny is watching!

A big thanks to Nordpass VPN and Betterbuys for use of their images!




