We operate within the heart of the energy and data sectors. This affords us with unique insights into the challenges and opportunities business, regulators and government face. Within this section you can view our latest views as well as the events we will be attending and hosting.
Home » Blog » Cyber Security Month Blog 2: Password Managers
Cyber Security Month Blog 2: Password Managers
11th October 2018
Do you know the password to your Amazon account by heart?
I don’t, I haven’t got a clue as to what any of my passwords are except for two, my password used to log in for work and my master LastPass password, that’s it.
All my passwords are managed from my LastPass and Password Manager. If I need to log into a site, then I reach for my mobile and look it up. None of the passwords for any site I use are the same and they all have a combination of numeric, alphanumeric, special characters and are long e.g. *&hG^s%DD3b01d7Of$AUJF
And before you ask, no that isn’t one of my passwords, that’s as made up and random as a password manager makes them for you.
So how strong is strong for a password? Every year the top passwords used are published. These are passwords which are obtained from data breaches which have occurred.
The top 10 password used, as published by SplashData, in 2017 were:-
In an offline password attack scenario, number 10 in the list ‘iloveyou’ could be cracked in 2.17 seconds compared to my made up complex password above which would take 1.04 hundred billion trillion centuries!
Without typing in your own passwords, you can find out how quickly a password could be brute forced in an attack by going to GRC’s Interactive Brute Force Password “Search Space” Calculator https://www.grc.com/haystack.htm
Hopefully from reading this, if you are not using one already a password manager it is something you now want to start using, but which one?
I have used LastPass for many years, I can use it on my mobile, on a browser (though I never do). They have a free version or a premium version. LastPass never stores your actual master password, none of their employees, including the boss can ever find this out which gives me assurance. The technical bit, LastPass store a one-way salted hash of your master password which is then hashed multiple times with PBKDF2-AES256, which means it is virtually impossible to brute force.
Clearly, I’m biased towards a single password manager, but there are others like Dashlane, KeePass, Roboform, but don’t use a password protected Excel file as the password can be broken in minutes!
You can find out more information on password managers here:
Jennie is a focused, strategic leader with a proven ability to encourage and motivate others. She has excellent people skills... Read More From Jennie Cleal
Our Latest Insights.
Our work means different things to different clients and we wanted to share some details of the projects we have managed to give you an insight into our capabilities and the impact we have delivered as a business.
Did you like what you read? Did you want to find out more about the subject? Or did you simply want to get in touch with us? Either way if you would like to get in touch with us you can do so using the form on the right.
Get In Touch
Want to find out more?
Follow the links below find out more about the services we provide, our insight into the industries we serve or the opportunities available with us.