Your Passwords Could be Plotting Against You - Here's How a Password Manager Can Help

Passwords are the first line of defense against hackers — and often, they are the only measure of security preventing unwanted access to your account.

And while passwords are intended to increase security, they are more often than not a detriment. Why is this?

The answer is simple: most of us use the exact same password for all of our accounts.

MY FITBIT ACCOUNT GOT HACKED — SO WHAT?

Even if you refrain from using the same password for every account, it is very likely that you use a variation of the same password — often by adding or replacing a number or symbol, or even capitalizing a specific letter for a more important service like an online bank account.

Don’t feel guilty if you do this — the vast majority of us do — and this is a contributing factor in why hackers are so prevalent and successful. Simply put, once a single account has been compromised, it is more than likely that all of your accounts are compromised.

So if your FitBit account was hacked, it is not the FitBit account you should be worried about — it is your insurance username and password, or your email password, or your bank account.

While variations of your preferred password will help, when hackers are only left to guess a small number of variations in a password, they are able to very quickly brute-force their way through your defenses. This chart details exactly how fast your password can be cracked:

[Chart: how fast a password can be cracked]

Even if your password variations vary by three or four characters, your password can be cracked instantly once a pattern has been recognized by the hackers. What this means is that adding an extra number, letter, or symbol to the end of your password doesn’t provide any extra layer of security — it is merely a distraction for a hacker with a password cracker.

HOW PASSWORD MANAGERS HELP

When we hear “password manager,” we tend to think of an app that stores and autofills our passwords for our various accounts — and while these quality-of-life features are standard fare for a password manager, they pale in comparison to the true benefit of this security-enhancing software: dissimilar passwords.

When you don’t have to remember every password for every account, you can create passwords using completely random strings of case-sensitive letters, numbers, and symbols, with a different combination for every account.

What this means is that by using dissimilar passwords of nine characters each, you can create a scenario where it takes a hacker twelve years to crack a single account — forcing them to lose interest, and go after an easier-to-crack account.

And better yet, password managers will generate these randomized passwords for you — meaning all you need to do is add your accounts to the password manager, and you can rest assured that your accounts are secure.
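The two ideas in this section, as an added example that is not taken from this article or from any password manager's code: drawing every character of a password from the operating system's secure random generator, and flagging stored passwords that are only small variations of one another. The function names, the 94-character alphabet, the edit-distance threshold of 4, and the sample passwords are assumptions made for illustration.

```python
import math
import secrets
import string

# Assumed alphabet: 52 letters + 10 digits + 32 symbols = 94 characters.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# Constructed sample: one base password reused with small variations.
REUSED = {"fitness": "sunshine1", "email": "Sunshine1!", "bank": "Sunshine#1"}


def generate_password(length=9):
    """Pick every character independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of entropy in a uniformly random password of this length."""
    return length * math.log2(alphabet_size)


def edit_distance(a, b):
    """Levenshtein distance: fewest single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def find_variations(vault, max_distance=4):
    """Return (account, account, distance) for passwords that are near-copies.

    Case is ignored, so capitalizing a letter does not count as a change.
    """
    names = sorted(vault)
    flagged = []
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            d = edit_distance(vault[first].lower(), vault[second].lower())
            if d <= max_distance:
                flagged.append((first, second, d))
    return flagged


if __name__ == "__main__":
    print(find_variations(REUSED))  # every pair is flagged
    fresh = {name: generate_password() for name in REUSED}
    print(find_variations(fresh), round(entropy_bits(9), 1))
```

A random nine-character password over this alphabet carries about 59 bits of entropy, and two such passwords share no pattern that a similarity check could flag.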

WHAT IF MY PASSWORD MANAGER IS CRACKED?

There is, of course, no service that is completely secure. Anything and everything can be broken into if an individual is determined to do so. However, password managers will have the option for two-factor authentication — meaning when logging into your account, after entering your password, you will receive a text on your mobile device giving you a temporary access code to input into the device you are using to access your password manager.

This helps to prevent hackers from simply cracking the password to your password manager, as they will also need access to your mobile device in order to receive your temporary code. When using a password manager, always ensure you have the two-factor authentication option selected.

PASSWORD MANAGERS ARE MORE THAN PASSWORD VAULTS — THEY CREATE UN-CRACKABLE PASSWORDS

The true power of a password manager is the ability to create dissimilar passwords — not autofilling and storing passwords. A password manager, simply put, can make the difference between a hacker accessing all of your online accounts in a matter of minutes, or a matter of years.

If you’d like to check if your password has ever seen activity on the dark web, visit our password checker.

Jeff Blount
Jeff Blount is a vCIO for Cobb Technologies with over 14 years of experience in the tech industry, and before Cobb, worked in AEC and eCommerce. With Cobb since 2011, Jeff helps our Managed IT partners manage and grow their digital systems. When not finding solutions for SMB and enterprise level businesses, Jeff can be found out on the soccer field with his family.