Millions of internet users are failing to follow advice about how to stay safe online and are falling victim to cybercrime attacks.
In Britain alone last year, police handled 2 million reports of online fraud that costed victims a massive £11 billion.
And that figure was just the tip of the iceberg when adding in similar scams in North America and Europe.
Despite the staggering statistics and fear of losing money to crooks, two out of three people online are ignoring government guidance about how to set passwords that are harder to crack.
Internet providers and financial institutions acknowledge that picking a memorable and secure password is not easy.
Brute force hackers
The truth is although some passwords are harder to crack than others, any sequence of numbers, letters and symbols can be broken eventually.
Hackers break passwords with special softeare that runs through millions of number and letter combinations in seconds.
Security experts SplashData keep an annual list of the worst passwords – so check them out and make sure you are not using any similar security codes.
The most popular bad passwords are ‘password’ and ‘123456’. These would be broken in seconds.
To find out if how long brute force would take to break your passwords, try the checker at howsecureismypassword.net. Scientists have found the human brain is not equipped to generate and remember lists of random passwords. The problem is explained as part of Benford’s Law.
Take a popular password like ‘qweasdzx’.
The letters seem random, but now trace them on a qwerty keyboard.
Short phrases of two or three words sprinkled with uppercase letters and a few numbers are harder to crack than shorter phrases of six or eight letters/numbers.
Two-step authentication is also more secure than password-only security, but is a pain to manage.
The process involves typing and password and a random code generated and sent to the user by smartphone. The principle is a hacker may have a password, but this is useless to them unless they have your smartphone as well, which is unlikely.
Another tip is to regularly change passwords and to use a password manager to manage them. Also, try not to use web sites that do not allow secure access.