A hacker can crack an eight-character password of just lower-case letters in about 10 minutes. But, if you use a 15-character password with uppercase and lowercase letters, and combine it with numbers and symbols, it will take a hacker 47,000 years to crack that password.
Beware of single sign-on
Using single sign-on offered by Facebook or Google might be convenient, but it makes you more vulnerable to online fraud. All a hacker needs to do is to hack one password to access any linked account.
Seven ways to practise good password management
- Create different passwords for every account
- Make your password at least 15 characters' long. Use upper and lower case letters and include numbers and symbols
- Never use information that can be found online easily, like your date of birth
- Use offline password managers like KeePass. Avoid online password managers – these are risky and can be hacked
- Enable second-factor authentication for as many online accounts as possible. When you enter your name and password, you will get a one-time PIN on your phone to log into your account
- Don’t store passwords on your computer, phone or tablet. Many devices will back up your data to your cloud account. If your cloud account is hacked, cybercriminals will have access to all the passwords that you have saved to the device.
- Never save passwords when prompted by your browser. Enter your username and password every time you visit the site.
Consider a ‘passphrase’ when creating a password. For example, ‘!nVescISthe8est#’ – the phrase ‘Investec is the best’ is created with a strong combination of upper case and lower case letters, numbers and symbols and will be easier to remember.