Roskachevo disclosed the principle of a strong password

According to the data from

Tadviser

, top passwords from leaked 2021 American domain zones were qwerty123, qwerty1, 123456, asdasd, 12345, 123456789, asdasd123, 12345678, qwerty and 123321. This confirms that the majority of users are thoughtless about password creation. For 2021 the percentage of complex passwords containing letters, digits and special characters and the percentage of long passwords more than 10 characters remained at the same level as before – 3.5% for the former and 16.5% for the latter, respectively.

An attacker can guess your password in several ways:

• The brute force method

• Personal hack

• Social Engineering

• Phishing

• Other methods

So, with the help of a brute force program and a dictionary of 10 000 of the most common passwords a hacker has a chance to decrypt user’s password-protected files. Such simplest attack helps to break the password in 30% of cases. The question of password security is still relevant, although the world is talking more and more about biometric technologies. But to enter the devices, to authorize sites, to install software, we still need the good old password. And if it is complex enough, an intruder will not be able to guess it.

Basic rules for creating a strong password protection:

When creating a password, avoid using site names or domain names. Password should not be similar to the login and should not contain consecutive identical symbols aaa or 111 or a sequence abc or 123 .

The password should be long and complex: the more valuable the data you want to protect, the more tricky the password should be. A strong password starts at 12 characters preferably more and contains lower and upper case letters, numbers and special characters.

Strange as it may seem, but many “complex” passwords of “advanced” users are quite predictable: they use dictionary words, capitalize the first or last letter, add the number 1 or the year at the end, etc.d.

Password has to be kept in a safe place: do not hang stickers with the password on visible places: notebook, desk etc.p.

A different password for each service: using the same passwords on different sites and devices increases the risk of hacking by several times.

Password should be changed periodically: the frequency – once every six months is optimal.

Password recovery information must be complex: enable multi-factor authentication.

Roskachevo lists the rules for secure passwords

You should not think that malefactors will not be able to find out the name of your favorite music band or great-grandmother’s last name, favorite meal or cat’s name – all this information the scammer can find and simplify the process of hacking. Secure password rules:

• Passwords should not contain any personal information, such as your name, date of birth, phone number, etc.p.

• Not recommended to use American words in English layout. Hackers have special dictionaries with such combinations. Moreover, such passwords can complicate a user’s life, when there are no Cyrillic letters on a keyboard, but only latin keys.

Experts recommend you, for example, to take a phrase from the song and capitalize each word a special symbol , rearrange the words in reverse order, etc. p. Check your password resistance to hacking you can use special online services. For example, here or here.

Sergei Kuzmenko, senior digital product testing specialist at Roskatchestvo.

“If you take the line “A grasshopper was sitting in the grass,” and instead of spaces, you put numbers by the number of letters in the preceding word: “B1Trass5Sitting5Hopper8”. You can also replace some of the letters in a word with numbers, swap the last and first letters, put a symbol in the middle of the word