Do you know the password to your Amazon account by heart?
I don’t, I haven’t got a clue as to what any of my passwords are except for two, my password used to log in for work and my master LastPass password, that’s it.
All my passwords are managed from my LastPass and Password Manager. If I need to log into a site, then I reach for my mobile and look it up. None of the passwords for any site I use are the same and they all have a combination of numeric, alphanumeric, special characters and are long e.g. *&hG^s%DD3b01d7Of$AUJF
And before you ask, no that isn’t one of my passwords, that’s as made up and random as a password manager makes them for you.
So how strong is strong for a password? Every year the top passwords used are published. These are passwords which are obtained from data breaches which have occurred.
The top 10 password used, as published by SplashData, in 2017 were:-
In an offline password attack scenario, number 10 in the list ‘iloveyou’ could be cracked in 2.17 seconds compared to my made up complex password above which would take 1.04 hundred billion trillion centuries!
Without typing in your own passwords, you can find out how quickly a password could be brute forced in an attack by going to GRC’s Interactive Brute Force Password “Search Space” Calculator https://www.grc.com/haystack.htm
Hopefully from reading this, if you are not using one already a password manager it is something you now want to start using, but which one?
I have used LastPass for many years, I can use it on my mobile, on a browser (though I never do). They have a free version or a premium version. LastPass never stores your actual master password, none of their employees, including the boss can ever find this out which gives me assurance. The technical bit, LastPass store a one-way salted hash of your master password which is then hashed multiple times with PBKDF2-AES256, which means it is virtually impossible to brute force.
You can find out more information on password managers here: