Get free updates - subscribe to our monthly newsletter Subscribe
How long do you think it would take a good computer hacker to crack your password?
As an advocate of online products such as Xero and its many excellent add on partners, and that given one of the consistent push backs I get is with regard to the online safety of these providers, I thought I’d write a blog on password security.
Recent events involving TalkTalk have highlighted that no online business is untouchable; however, weak passwords still pose the greatest risk to online users. These companies can spend millions on online security but if you use one of the passwords highlighted below then it is simply wasted money.
Splash Data recently announced their top 25 passwords for 2014 which are shown in the table below. This clearly shows that many people are still not taking the risks seriously. Hopefully no one reading this will have any of these but if you have I would strongly recommend you change them immediately.
So what simple steps can you take to reduce your risk? I recently heard Cyber Street Wise on the radio discussing their three tips to help businesses best protect themselves form online hackers cracking their passwords, so I thought I’d share them with a little analysis.
Installation of security software and the downloading of regular updates were two of the tips which are sound advice.
Their main tip though related to password selection. Most of us are now familiar with using capitals, numbers and symbols in passwords but the downside is that it makes it very difficult to remember and this leads to people writing down their passwords which isn’t advisable. Cyber Street Wise have a simple recommendation - select three random words. This will have the benefit of making your password very strong whilst being easy to remember.
How effective is this? Using an example with a simple password such as “elephant” a hacker with good resources could crack this password instantly. Those of us that mix the password up may use a mixture of numbers, symbols, etc. might come up with “El3ph@nt” this does increase the time to hack to three days; however, it is a bit trickier to remember.
So from here let’s go to three random words “elephantcanadapurple” this simple to remember password changes the time to crack from three days to 157 billion years. Given that scientist believe the big bang happened 13.6 billion years ago 157 billion should be good enough for most of us!
If you are still a little risk averse and think that 11 times the universe’s existence isn’t long enough you can simply add a symbol such as * to the front and back of the password “*elephantcanadapurple*” which will increase the time to crack to a mind boggling two quintillion years. Just in case you are wondering what that number looks like here it is:
2,000,000,000,000,000,000,000,000,000,000 – Quite a long time
Please make sure the three words you choose are random and not personal to yourself such as your three children’s names as this significantly weakens your password to people who can obtain that information from publicly available sources.
Xero adds additional security
Xero has recently added Two Step Authentication, this uses the Google Authenticator App to provide an additional layer of security to access your accounts, check out this great video that explains what it is and how to set it up.
So a good strong password and an additional authentication code via Google Authenticator will make Xero one of the most secure cloud packages available.
If you have any queries on Xero or other add on products please do get in touch.
If you like this article and would our FREE updates sent straight to your inbox then subscribe to our monthly newsletterSubscribe
All content © 2015 Armstrong Watson. All Rights Reserved. Website by Simon Pighills.
Armstrong Watson LLP is a limited liability partnership registered in England and Wales, number OC415608. The registered office is 15 Victoria Place, Carlisle, CA1 1EW where a list of members is kept. Armstrong Watson Accountants, Business & Financial Advisers is a trading style of Armstrong Watson LLP. Armstrong Watson LLP is regulated by the Institute of Chartered Accountants in England and Wales for a range of investment business activities.
Armstrong Watson Audit Limited is registered to carry on audit work in the UK and Ireland by the Institute of Chartered Accountants in England and Wales. Registered as a limited company in England and Wales No. 8800970. Registered office: 15 Victoria Place, Carlisle, CA1 1EW
Armstrong Watson Financial Planning Limited is authorised and regulated by the Financial Conduct Authority. Firm reference number 542122. Registered as a limited company in England and Wales No. 7208672. Armstrong Watson Financial Planning & Wealth Management is a trading name of Armstrong Watson Financial Planning Limited. Registered Office: 15 Victoria Place, Carlisle, CA1 1EW