In 2015 Dashlane reported that the average US citizen has 130 online accounts. If we know anything from the Ebay hack or Yahoo Hack, it’s that every online account you have is susceptible to being hacked. Each account likely has a goldmine of information including but not limited to social security numbers, credit cards, birthdate, address, email, password and security questions. This means that on average, each person has 130 potential points of entry into their personal information protected by a password—possibly even the same password if you re-use passwords.
Passwords 6 characters and under can be hacked in as quickly as 10 minutes, 7 characters is 4 hours, 8 characters is 4 days and 9 characters is 4 months. By simply adding password length, numbers/symbols and uppercase the time it takes to crack a password dramatically increases. A 9-character password, with uppercase, numbers and symbols takes 44,530 years to hack.
Once your password is stolen from an online hack, it’s cross referenced against your email and is used to attempt to log on to popular websites like Facebook. Online accounts are also bought and sold on the “Dark Web” much like the way stolen W-2’s are bought and sold on the web.
There are many reasons to move to a passphrase rather than a password. Most importantly, the length makes it harder to hack while the phrase makes it easy to remember. If the Cowboys won the super bowl, unfortunately they didn’t even go, this would’ve been a good example: WOO!TCBwonSB51 = Woohoo! The CowBoys won Super Bowl 51!
Your password is often the first line of defense, if not your only defense in order to protect your online banking, business accounts, social media and company documents. Make sure you have a strong password and change it often.