Attention: If your password is your pet's name you must change
Choosing a password is not always easy! However, to “make life easier”, users end up choosing simple and very common words. In this way they are facilitating the work of cybercriminals. According to a recent study, one in six people use the pet's name as a password.
If your password is the name of your dog, cat, fish, etc … you should think about changing it as soon as possible.
Cybercriminals use dictionary attack to find password
A recent study in the UK found that one in six people uses their pet's name as a password - a danger to which cybersecurity company ESET draws attention. According to the company, the problem of using common names (even those of our pets) in passwords, is that they can be discovered from dictionary-based attacks, as they can also be easily obtained through social engineering techniques, namely from the public profiles of users on social networks.
A dictionary attack consists of testing passwords, using a file that has thousands of words. The same study, conducted by the United Kingdom’s National Cyber Security Center (NCSC) found that other Popular passwords include family names (14%),important user dates, such as birth or marriage (13%), and even the name of your favorite sports club (6%) - not to mention that 6% of respondents admit to using “password” as… their password!
Without realizing it, we share a lot of data about our lives through social networks, which include posts that can be easily observed by cybercriminals and that are able to reveal the names of our pets, family and friends or relevant dates
Ricardo Neves, Marketing Manager at ESET Portugal
Most websites and online services recommend using passwords with at least 8 characters, but we can use many more. One technique for creating a secure password is to use a phrase (instead of a single word) that consists of three words, which can be separated or not by special characters (£ # @%, etc.) and / or figures - since it is often required to use more than just letters of the alphabet.
Another alternative is the use of a password management tool, (protected by a complex master password) being able to manage different passwords of great complexity for each website or service that we intend to protect.
Ricardo Neves also suggests that “whenever it is available as an option, we should use two-factor authentication, in order to create a second layer of security, which will protect our account even if the access credentials have been compromised”.