A COMMON password myth could be leaving your online accounts exposed.

Security experts are urging all gadget owners to check their account passwords to make sure they're not falling foul of a key rule.

It's linked to the length of your passwords – they may be far too short to avoid being "cracked".

That's when crooks use apps to guess endless combinations of log-ins to try to break in.

"In 2024, a strong password is a long and complex password," explained Ashley D'Andrea, of Keeper Security.

"In the past, a strong password was considered strong if it contained 12 characters.

"However, the standards have now changed to recommend a strong password be at least 16 characters long."

The difference in how long it takes a password to be cracked based on length can be staggering.

A 2023 report from Oberlin College revealed how a password of numbers only could be cracked "instantly" if it contained fewer than 12 characters.

Meanwhile a 16-number password would take an hour to crack.

A password of lowercase letters might take a hacker 14 hours to crack with 12 characters.

But this rises to 713 years with 16 characters.

THREE PASSWORD RULES TO FOLLOW

But character length isn't the only issue.

"Not only should your password be 16 characters long to be strong, but you should also include a variation of uppercase and lowercase letters, numbers and special characters to make it complex," Ashley explained.

The same cracking report from above says that while a 12-character password with numbers, upper and lowercase letters, and symbols takes 226 years to crack – it would take five billion years to break into a 16-character equivalent.

STRONG PASSWORD TIPS – DON'T IGNORE THEM!

Here's what you should be trying...

  • Use a Mix: Combine uppercase letters, lowercase letters, numbers, and special characters.
  • Avoid Common Words: Steer clear of easily guessable words and phrases.
  • Length Matters: Aim for passwords that are at least 12 characters long.
  • Unique Passwords: Use different passwords for different accounts to enhance security.
  • Passphrases: Consider using a series of random words or a memorable sentence.
  • Memory Tricks: Use mnemonics or acronyms to remember complex passwords.
  • Password Managers: Utilize password management tools to store and generate strong passwords.

Similarly, don't re-use passwords or you make a hacker's life much easier.

Secondly, it's important to make sure you're not putting anything silly in your password.

"A great way to make sure you have a strong password in 2024 is by avoiding the use of common words or phrases as well as any personal information," Ashley said.

"For example, imagine your pet’s name is Buddy and you decide to add your birthdate to your password to make it Buddy1387.

PASSWORD RULES – DON'T BREAK THEM

Here are some important tricks to follow, as revealed by Keeper Security...

  1. Make sure to use a combination of upper and lowercase letters. It's much easier to "crack" a password if it only uses lowercase letters.
  2. Never include personal data like your birthday, street address, and certainly not your name.
  3. Ensure that every password has at least 12 characters. This will significantly increase the time it would take a hacker to crack your login.
  4. Include symbols whenever you can. Not all services allow this, but if you can add question marks, exclamation marks, hash symbols, and slashes, your password will be far safer.
  5. Ensure that you're using varied and non-sequential numbers. So, rather than having 1234 at the end of your password, mix them in and use a random order.
  6. Avoid, where possible, using words found in the dictionary in your password.

"A cybercriminal can use publicly available information, such as your social media profiles, to gather this information about you and your pet from your online accounts, then use that to gain access to them."

And thirdly, don't let your account's safety rely entirely on a good password.

Turn on two-factor authentication so you need another piece of info to log in – like a code sent via text, or through an authenticator.

And if your account has the option to use Passkeys (which can't be leaked) then turn those on too.
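
The password rules listed above can be turned into an automated check. The following Python is an added example, not code from Keeper Security or the original article; the function names, the small word list and the second sample password are constructed for illustration, and the 16-character minimum follows the Keeper quote (the rules box says 12).

```python
import re
import string

# Constructed sample list; a real check would load a full dictionary
# or a list of known-breached passwords.
SAMPLE_WORDS = {"password", "buddy", "dragon", "summer", "welcome"}


def has_sequence(pw, run=3):
    """True if pw contains `run` digits in ascending or descending order."""
    for i in range(len(pw) - run + 1):
        chunk = pw[i:i + run]
        if all(c in string.digits for c in chunk):
            steps = {int(b) - int(a) for a, b in zip(chunk, chunk[1:])}
            if steps in ({1}, {-1}):
                return True
    return False


def check_password(pw, personal=(), min_length=16, words=SAMPLE_WORDS):
    """Return the list of rules the password breaks (empty list = passes)."""
    problems = []
    lowered = pw.lower()
    if len(pw) < min_length:
        problems.append("too short")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        problems.append("needs upper and lowercase")
    if not any(c in string.digits for c in pw):
        problems.append("no number")
    if not any(c in string.punctuation for c in pw):
        problems.append("no symbol")
    if has_sequence(pw):
        problems.append("sequential numbers")
    if any(p and p.lower() in lowered for p in personal):
        problems.append("contains personal data")
    # Split on non-letters so "Buddy1387" yields the token "buddy".
    if any(tok in words for tok in re.split(r"[^a-z]+", lowered)):
        problems.append("contains dictionary word")
    return problems


if __name__ == "__main__":
    # The article's example: pet name plus birthdate.
    print(check_password("Buddy1387", personal=("Buddy", "1387")))
    # Constructed random-looking 16-character password.
    print(check_password("qT7#vL2!xR9@mK4$"))
```

The article's Buddy1387 example fails on length, symbols, personal data and dictionary words, while the constructed 16-character password passes every rule.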
