I’m a ‘hacker’ and these are the easiest passwords to crack – change yours now

A so-called “ethical hacker” has released advice on how to make your online accounts more secure and the tips are definitely worth following if you want to keep your personal data safe. Joe Cockcroft is trained in hacking into complex systems and understanding how cyber criminals carry out attacks and it seems too many of us are making the life of crooks far too easy.

“Using identifiable information, such as a favourite football team, names of family members, or the city you live in, can make passwords easier to determine,” explained Cockcroft.

“While this information may be easy to remember, it could also be easy for threat actors to figure out after a short time exploring your social media profiles, for example.”

For example, in a recent study by NordPass, words such as arsenal, chelsea and liverpool all featured in the top 12 most used in the UK.

Cockcroft says that it’s vital we switch to more complex and longer passwords. “The length of a password also plays a huge role in how easy it is to compromise. A short password with a mixture of numbers, symbols, and letters will be easier to compromise than a long password with only letters and spaces.”

Another important tip is to stop using the same code for multiple accounts as once the password is hacked on one account it can then be used to access multiple platforms.

“Using the same password in multiple places risks the security of multiple accounts and should be avoided,” Cockcroft confirmed.

“This includes passwords that are largely similar, such as those where a number or symbol has been added to the end. Some users will utilise a pattern that allows them to easily create and remember different passwords for each site, however, be aware that threat actors may be able to decipher this pattern after observing one or more compromised passwords.”

Google Chrome introduce new password protection feature

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

Another useful piece of advice is to use something called multi-factor authentication. This requires an additional factor to gain access to an account in addition to the usual username and password combination. This usually takes the form of a code which is delivered to a mobile device via app or text message.

Explaining more Cockcroft said: “Enabling this on accounts can help to negate the success of an account compromise, as the threat actor is unlikely to have access to this code. It will also notify the user if somebody an unauthorised person has logged into your account.”

Finally, it’s a good idea to check if your accounts have ever been compromised in a data breach.

Sites such as Have I Been Pwned will reveal if things have ever been revealed in a cyber attack – it takes seconds and could save your accounts from being hacked.

“It’s important to stay aware of any data breaches that your accounts may be involved in,” Cockcroft added.

“This will not only indicate that you need to change your password, but also highlight what other information may now be easily accessible by threat actors.”

This advice has been issued to coincide with October’s National Cybersecurity Awareness Month with new research also being released that shows just how bad our passwords have become.

The study, which was performed by the cyber team at Redcentric, found that 20 percent of Brits have just one to two passwords for all of their online logins.

The study of 2,000 Brits also found a huge 77 percent don’t use a password manager and an alarming 23 precent save their passwords in the browser. In addition, a third of Brits say they generate their passwords randomly.

Speaking about tye issue Tom Holloway, head of cybersecurity at Redcentric said: “The fact that so many people reuse the same password on multiple accounts/services is a real worry. The concern is that if their credentials for one site are compromised, those credentials could be used to access a wide range of password-protected services with relative ease.

“This research shows that, by no fault of their own, Brits are lacking a lot of knowledge when it comes to generating and storing their passwords. With cyber attacks becoming increasingly common, and the capabilities of cyber criminals becoming more and more complex, this is concerning. “

Source: Read Full Article