CloudSEK’s cheat sheet for setting strong passwords

Despite the recent spike in phishing campaigns, malware attacks, and data leaks, a recent study of leaked credentials found that 1 out of every 142 passwords is not strong enough.
Updated on
April 19, 2023
Published on
September 15, 2020
Subscribe to the latest industry news, threats and resources.

Despite the recent spike in #phishing campaigns, #malware attacks, and data leaks, a recent study of leaked credentials found that 1 out of every 142 passwords is good old “123456,” and that only 12% of the passwords contain a special character. This trend of taking #CyberSecurity for granted needs to change.

Here’s CloudSEK’s cheat sheet for setting strong passwords that are hard to crack.

1. Strength in length

Make sure your passwords are at least 10-16 characters long. It is estimated that 9-character passwords will take about five days to break and in case of a 10-character word password will take a good four months, and 11-character passwords take about 10 years.

2. Avoid the obvious

Don’t use your date of birth, a loved one’s name, or other personal information that can be found on the internet. Steer clear of dictionary words and common phrases.

3. Variety is key

Use both uppercase and lowercase letters, numbers, and other special characters. And make sure you don’t lump the letters and numbers. Jumble and intersperse the letters, numbers, and special characters.

4. Multi-factor authentication

This way even if your password is cracked or stolen your account can’t be accessed without an OTP or confirmation.

5. Re-use makes it easy to abuse

Using the same password for multiple accounts means all your accounts can be compromised if one of your account’s passwords has been leaked or cracked.

6. Keep it moving

Change your password every 60-90 days to ensure passwords from old leaks can’t be used to compromise your accounts. Even if the password is strong this can destroy the strategy.

7. Be vigilant

Stay abreast of the latest leaks, by following CloudSEK’s cyber bulletin and threat intelligence, and check if your credentials or details are part of it. Respond immediately by changing your password and enabling multi-factor authentication.

Get Global Threat Intelligence on Real Time

Protect your business from cyber threats with real-time global threat intelligence data.. 30-day free and No Commitment Trial.
Schedule a Demo
Real time Threat Intelligence Data
More information and context about Underground Chatter
On-Demand Research Services
Dashboard mockup
Global Threat Intelligence Feed

Protect and proceed with Actionable Intelligence

The Global Cyber Threat Intelligence Feed is an innovative platform that gathers information from various sources to help businesses and organizations stay ahead of potential cyber-attacks. This feed provides real-time updates on cyber threats, including malware, phishing scams, and other forms of cybercrime.
Trusted by 400+ Top organisations