How secure is your password?

How long do you think it would take a good computer hacker to crack your password?

As an advocate of online products such as Xero and its many excellent add-on partners, one of the consistent push-backs I get concerns the online safety of these providers, so I thought I’d write a blog on password security.

Recent events involving TalkTalk have highlighted that no online business is untouchable; however, weak passwords still pose the greatest risk to online users. These companies can spend millions on online security but if you use one of the passwords highlighted below then it is simply wasted money.

Splash Data recently announced their top 25 passwords for 2014, which are shown in the table below. This clearly shows that many people are still not taking the risks seriously. Hopefully no one reading this will have any of these, but if you have, I would strongly recommend you change them immediately.

So what simple steps can you take to reduce your risk? I recently heard Cyber Street Wise on the radio discussing their three tips to help businesses best protect themselves from online hackers cracking their passwords, so I thought I’d share them with a little analysis.

Installing security software and downloading regular updates were two of the tips, both of which are sound advice.

Their main tip, though, related to password selection. Most of us are now familiar with using capitals, numbers and symbols in passwords, but the downside is that it makes them very difficult to remember, and this leads to people writing down their passwords, which isn’t advisable. Cyber Street Wise have a simple recommendation - select three random words. This will have the benefit of making your password very strong whilst being easy to remember.

How effective is this? Take a simple password such as “elephant”: a hacker with good resources could crack this password instantly. Those of us who mix the password up with numbers, symbols, etc. might come up with “El3ph@nt”. This does increase the time to hack to three days; however, it is a bit trickier to remember.

So from here let’s go to three random words: “elephantcanadapurple”. This simple-to-remember password changes the time to crack from three days to 157 billion years. Given that scientists believe the big bang happened 13.6 billion years ago, 157 billion should be good enough for most of us!

If you are still a little risk averse and think that 11 times the universe’s existence isn’t long enough, you can simply add a symbol such as * to the front and back of the password, “*elephantcanadapurple*”, which will increase the time to crack to a mind-boggling two quintillion years. Just in case you are wondering what that number looks like, here it is:

2,000,000,000,000,000,000,000,000,000,000 – Quite a long time

Please make sure the three words you choose are random and not personal to yourself, such as your three children’s names, as this significantly weakens your password against people who can obtain that information from publicly available sources.
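The crack-time estimates above, and the reason personal words weaken a three-word password, can be reproduced approximately with a short calculation. This is an added example, not code from the original post or from any password checker; the guess rate of 4 billion per second and the two word-list sizes are assumptions, so the figures will not match a particular checker exactly.

```python
import string

GUESSES_PER_SECOND = 4e9   # assumption: attacker's offline guess rate
SECONDS_PER_YEAR = 365.25 * 24 * 3600
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def charset_size(password):
    """Pool a character-by-character search must cover: the sum of every
    character class (lower, upper, digit, symbol) the password uses."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    # Characters outside those four classes: count each distinct one once.
    return pool + len({c for c in password if c not in "".join(CLASSES)})

def brute_force_space(password):
    """Candidates of the same length drawn from the same character pool."""
    return charset_size(password) ** len(password)

def passphrase_space(word_count, wordlist_size):
    """Candidates when whole words are guessed from a list of known size."""
    return wordlist_size ** word_count

def years_to_exhaust(space, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at the assumed rate."""
    return space / rate / SECONDS_PER_YEAR

if __name__ == "__main__":
    for pw in ("elephant", "El3ph@nt", "elephantcanadapurple",
               "*elephantcanadapurple*"):
        print(f"{pw!r}: pool {charset_size(pw)}, "
              f"{years_to_exhaust(brute_force_space(pw)):.3g} years")
    # Word-based view of a three-word password. Both list sizes are
    # assumptions: 7776 is a diceware-style list of random words, 100 is a
    # short list of names and dates tied to one person.
    for size in (7776, 100):
        space = passphrase_space(3, size)
        print(f"3 words from a list of {size}: {space:,} candidates, "
              f"{space / GUESSES_PER_SECOND:.3g} seconds")
```

The last two lines of output show why the choice of words matters: the strength of a three-word password comes from how many words each one could have been, not from its length in characters.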

Use this link to see how secure your password is.

Xero adds additional security

Xero has recently added Two Step Authentication, which uses the Google Authenticator App to provide an additional layer of security to access your accounts. Check out this great video that explains what it is and how to set it up.
So a good strong password and an additional authentication code via Google Authenticator will make Xero one of the most secure cloud packages available.

If you have any queries on Xero or other add-on products, please do get in touch.

