The most common passwords can be cracked in less than a second
More than half of the cyberattacks that occurred globally last year were related to credential theft, and the issue of their reliability is still an issue among users. passwords most common in Spain, “administrator”, “123456” or “12345678”can be decrypted in less than a second.
This key weakness is a clear sign of a need to change authentication methods and a lack of cybersecurity awareness. Every first Thursday of May is celebrated World Password Dayan initiative promoted by several companies in the field of computing and cybersecurity in order to attract the attention of users.
Securing user accounts is critical as they store personal and confidential information such as bank details, emails, private conversations, photos, videos and phone numbers.
If someone were to gain access to them, as the National Cyber Security Institute reminds (Insibe), could be used, for example, to commit fraud on behalf of the victim or steal his identity.
One withStrong password It must be at least 8-10 characters long, have a mix of upper and lower case letters, numbers, and special characters, and must not include personal information, common words, or keyboard sequences such as 123456 or qwerty.
Change them at least twice a year.
But in addition, you need to create credentials another for each online account and change them periodically, at least every six months, especially on sensitive accounts and sensitive information such as banking or email.
Due to the multitude of online services used and the need to have multiple passwords, Incibe adds, often for convenience, the user ends up in error of using the same for everything -according to the report The impact of technology on the lives of Spaniards Kasperskyabout 20% of respondents always use the same ones.
Password manager and two-step verification
Therefore, it is important to know the benefits offered password managerwhich provides, among other things, greater convenience, since you do not need to remember all the keys, it is enough to know a strong master password.
But this is not enough, warns Incibe: when possible, in the online service two-factor authenticationalso known as two-factor or two-step verification.
This feature adds an extra layer of security because accessing accounts requires a second step in addition to a password that only the user has, such as a one-time code sent to the mobile phone.
Cyber criminal tactics
Among the main ways of stealing keys are: phishing, smiling And vishing (persuasion tactics using emails, calls or messages to trick users into obtaining their passwords); brute force attacks (automated software tries to guess the password by trying different combinations until it finds the right one); And Keyloggers (malware that logs keystrokes).
Like everything related to cybersecurity, awareness is one of the “unsolved topics” and there is a long way to go in this area, he summarizes for EFE. Juan Manuel Pascualcybersecurity expert and CEO of Innovery in Spain, Latin America and the USA.
“It is vital that society as a whole understands these risks and takes management of their passwords seriously to reduce risks.”
Insecure passwords not only make it easier to access personal and business systems, but also remove a critical barrier against cyberattacks, Innovery expert emphasizes: keys are the first line of defense for privacy and security in the digital sphere.
However, “a strong password is essentially one that is disposable“, concludes Pascual.
“We always hear that passwords should be long to make them harder to crack, but the truth is that nothing will help with the arrival of quantum computing“, says this expert.
The weakest passwords in streaming services
NordPass, a password manager for businesses and individuals, publishes a report each year comparing the 200 most common passwords in 35 different countries; Up to 70% can be hacked in less than a second.
IN 2023the most common in Spain in this order were “Administrator”, “123456”, “12345678”, “123456789”, “12345” and “password”., they are all very weak – less than a second to detect them. “Mallorca64” appears in the eighth position, and there are 6 days to reveal it.
Compared to the previous report, the situation has not changed much. IN 2022 the most frequently used number in Spain was “123456”, followed by “123456789” – both detected in less than a second. The third position was taken by the “swing”, which was figured out in six seconds.
The study concluded that in Spain too, the weakest passwords are used for streaming accounts, while the strongest are used for financial accounts. This may be due to access to persistent or live platforms distributed among several users and for convenience, choose those that are easy to remember.