Passwords have become, without doubt, the Internet's ID card. Thanks to passwords, a user can prove who they are and unauthorized access can be prevented. However, by the same token, should a malicious user steal or discover this data, they can assume a user's identity and access services and applications.
One of the basic rules for choosing a password is to ensure it is both long and complex in terms of characters. As a rule of thumb, a good password is a least eight characters long and comprises a mix of letters, numbers and special symbols (eg. "ke8_SP.2").
Although creating a good password is not difficult, with so many services requiring password authentication, remembering them can be a problem, especially as the objective is to avoid having a series of numbers and letters that are easy to guess or remember.
To prevent having to remember a variety of different complex passwords, many users have same password for different applications, services etc. Unfortunately, this increases the risk of an attacker stealing users' digital identities, as the password could be stored in applications and potentially accessible to others. If the same password is used for using a computer, accessing web mail and electronic banking, an attacker who cracked one of the passwords would have simple access to the others.
To summarize, it is important to use different passwords, especially when it comes to services with confidential information (such as online banking services), and only use simple passwords for less important services (for example subscription to online newspapers, etc.).
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.