Since passwords are so hard to remember and you sometimes don’t sign into a site for months, many people have one or two passwords they use for everything. This is an easy way for hackers to get access to your accounts. Hackers will infiltrate sites that aren’t very secure and uncover the passwords used there. Then they run them on all the most popular sites; if you use the same password across the board, they can easily access several of your accounts. By using a different one for each site you log into, you’re not handing them your life if they figure out one password.
It obviously takes less time to type in a five-character password than a 15-character one, but that also means it will take less time for an Internet burglar to figure out. Most of us probably don’t have the interest or the determination to break into someone’s account, so it’s hard to imagine going through enough combinations to find out a five-letter password. Hackers have advanced programs, though, that allow their computers to go through hundreds of possibilities every minute. Each letter, number, or symbol you add to your password multiplies the time it takes to figure it out, hopefully frustrating the hacker enough that he gives up. A six-letter password that’s all lower-case takes 10 minutes to hack while an eight-letter one takes four days.
Because we as humans are so forgetful, our first instinct when choosing a password is to think of words that mean something to us personally. This makes our choices very predictable to hackers. Pet names, favorite sports teams, birthdays, and other personal bits of information are some of the most commonly used passwords, so if anyone knows even a little bit about you (or can find it on Facebook), you could be in trouble. Stay away from using your own name, names of people in your family, or any memorable dates. It should go without saying that you shouldn’t be using “123456” or “qwerty.”
Some offices and organizations require you to change your password every 90 or 180 days, and while it seems like a hassle, it’s actually a smart practice for all your accounts. This is especially important for online banking sites or shopping sites where your credit card information might be stored. It’s also necessary if you access any accounts on public or shared computers, because your password may be stored without you knowing it and some hackers use programs that record your keystrokes. By regularly changing your password to something completely different, you lower the risk of any major damage being done if someone did manage to hack your account.
Now that you know you shouldn’t use common words or your dog’s name to access your online accounts, you might wonder what you should use instead. Most Internet security experts recommend having a password that’s at least 8 characters long with a mix of capitalized and lower-case letters, numbers, and symbols. A common technique for avoiding easily guessed words is to put three unrelated words together and make up a short story that involves all three so you can remember it. You can also use the first letter of each word in your favorite line of a song or movie. Change out a couple letters for numbers or special characters, and your password should be too much trouble for a hacker to figure out.
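The rules above (a different password for each site, at least 8 characters with all four character types, no personal details, no common strings) written as a small audit script. This is an added example, not part of the original article; the `audit` function, the `COMMON` list and the sample accounts are constructed for illustration.

```python
import string

# Constructed list: the two weak choices the article names explicitly.
COMMON = {"123456", "qwerty"}


def audit(accounts, personal_terms):
    """Return {site: [findings]} for a mapping of site -> password.

    personal_terms holds names, pet names, teams or dates that the account
    owner might be tempted to use (hypothetical input supplied by the user).
    """
    # Group sites by password so reuse across sites can be detected.
    sites_by_password = {}
    for site, pw in accounts.items():
        sites_by_password.setdefault(pw, []).append(site)

    report = {}
    for site, pw in accounts.items():
        findings = []
        lowered = pw.lower()
        if len(sites_by_password[pw]) > 1:
            findings.append("reused")
        if len(pw) < 8:
            findings.append("short")
        has_all_classes = (
            any(c.islower() for c in pw)
            and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw)
        )
        if not has_all_classes:
            findings.append("missing-class")
        if lowered in COMMON:
            findings.append("common")
        if any(t.lower() in lowered for t in personal_terms if t):
            findings.append("personal")
        report[site] = findings
    return report


# Constructed sample input; none of these are real credentials.
SAMPLE = {"bank": "Rex2015!", "shop": "Rex2015!",
          "forum": "qwerty", "mail": "tH3-bLu3:piano&Ferry"}

if __name__ == "__main__":
    for site, findings in audit(SAMPLE, ["Rex", "2015"]).items():
        print(site, findings or "ok")
```

Note that `Rex2015!` satisfies the length and character-mix rule yet is still flagged, because it is reused on two sites and built from a pet name and a year.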
Once you’ve updated all your passwords to long strings of letters and digits, you’re probably going to forget one along the way. Security experts say it’s a bad idea to write down a list of all your passwords and leave it on or near your computer because someone could easily steal it. The smartest alternative is to use a trusted password manager, which can be web-based technology, software you put on your computer, or a portable device. Password managers keep track of your various passwords and often protect against keystroke recording programs and look-alike sites that hackers use.
Source: Background Check
I recommend EHN Magazine's "Password is 123456" to learn more about password risks and security tips.