Password Security — Who’s to Blame for Weak Passwords? Users, Really?
The vulnerability of people falling into the traps of online miscreants is huge. Owing to a large number of people coming online for the first time (mainly from the third world countries), the issues of hacking, data theft, impersonation etc. has witnessed an unprecedented rise. Limited knowledge of how the internet works and how to respond to a situation which could probably expose their personal information makes them prone to such attacks. But who really is to be blamed? Let’s find out.
New users generally tend to pick a password which they can remember easily, without realizing that such passwords can be ‘easily’ guessed or traced by the hackers and the likes. They set their phone numbers, or their birthday, or their child’s name as their passwords. Or even worse people tend to choose generic words like ‘password’ and ‘123456’ as their passwords. This is what a recent survey found about the passwords that most of the netizens are using.
Ignorance about the dangers of the internet is what drives the creation of such passwords. Some try to get innovative and replace alphabets with numbers. One such example of such a password is “pa33w0rd”. Although a bit secure, it still fails to protect you completely against any unauthorized access to your accounts.
Educating and sensitizing users about strong passwords is the only solution. However, it is not practically possible to educate each and every user about it, largely owing to the huge influx of new users each day. Forget the new users, even we do not keep a strong password for each and every online account. Do we keep separate passwords for every account? Do we create a strong password for EVERY account we use? Do we follow every security measure listed on every website? The straight answer is a big NO!
Who is really responsible?
Would we have set a weak password had the website not allowed such passwords to be kept? The developers, too, take responsibility in this regard and never allow weak and commonly used passwords for their websites.
People are easily annoyed when a website requires them to fulfill certain prerequisites such as having minimum 8 characters, the inclusion of both upper and lower cases as well as a special character and a number. People must realize that this is done for their safety only and the website or the developer has nothing to gain from it.
However, not every website has such strong password policy. This makes such people of the website vulnerable to cyber-attacks. Taking advantage of such a situation is extremely easy for any hacker.
Stealing passwords is a walk in the park if the hacker has proper computing power/abilities and a password cracking tool. Such tools can try every possible word, number, symbol combination till the password is cracked. This makes a small password very easy to crack (thanks to permutation and combinations. However, if you have a larger password with a combination of letters, numerals, and symbols then it is much harder to crack even for the biggest of hackers. Just make your passwords complex.
How to choose a strong password?
Making sure to choose a strong password, even when the website doesn’t require you to do so, make you less prone to cyber-attacks. Also, keeping different passwords for different websites is essential if you wish to keep your online data secure. You make take help of password managers to manage different passwords for your different accounts. This way, you may not have to memorize each and every password of yours. Opt for two-step authentication, wherever applicable/possible.
Passwords are your only key to securing your online data. Losing or exposing your password to some unauthorized person may spell doom for your online life. Users, as well as the developers, are partly responsible for the creation and use of a weak password. Readers are advised to not opt for the passwords which can be easily remembered. Rather go for complex passwords to make life difficult for the hacker and lurkers all around you!