Yahoo recently acknowledged that 500 million user accounts were breached end of 2014.
Yahoo recently acknowledged that 500 million user accounts were breached end of 2014. As per the investigation by Yahoo, the attack was committed by a 'state-sponsored actor' named 'Peace,' who was able to gain access to users' data, which include email addresses, passwords, birthdates and names.
The hacker group had reportedly been selling the data for the price of 3 Bitcoins on the dark web. As alarming as the thought of the data falling into wrong hands seem, the fact remains that many users still proceed to reuse older password combinations.
While data security has evolved over time, given the increasing number of newer threats that have been emerging, experts believe one of the most effective ways users can prevent their accounts from being hacked is by opting for a lengthier password. These could include special characters apart from alphanumerical.
"Humans in general are really bad password generators. No matter how unique you think your password is, its components are still likely to be in some dictionary, and a powerful cracking cluster will come up with the exactly right combination," said lead researcher Jarno Niemela from the European cyber security provider F-Secure.
"However, the password length should be at least 20 characters, but preferably 32," he added.
Hackers, through the use of brute-force attack, where the attacker tried multiple passwords or passphrases with a software tool, instantly gains access to users' accounts. Therefore, choosing a complex password is crucial.
In fact, there are many organisations that regularly recommend frequent password changes as per their security guidelines. For instance, Windows server has a default of 42 days.
Despite these security warnings, unmotivated users often remain oblivious to errors which hold the potential of giving rise to hacking situations.
How to choose the best password Use a password generator app or software
Passwords generating apps or software are especially designed to create highly secure passwords that are difficult to crack or guess. Users are given the option to select from the criteria they want and the passwords are generated automatically. The number of options you choose from the criteria can be increased for tougher security of passwords.
Use passphrases and convert them to passwords
Users can even consider generating their passwords from a sentence or pass phrase. For example, one can select a book, a page number and a sentence of up to 8 words or more. The best part about pass phrases is that they are easy to remember and only unique to the individuals that select them.
Use non-English passwords where possible
Translate the least expected language for example Sanskrit, into English and use them as passwords. The chances of hackers predicting your password is minimized.
Never use the same passwords for all accounts
It can get annoying to keep a track of different passwords for different accounts but it is most advisable to do so. The reason is fairly simple; if the hacker is able to figure out the password for one account, he/she will be able to access all the other accounts, as well.