Passwords are a facet of modern society that we're unlikely to see the back of any time soon. From our phones to our online banking, everything that we value in the digital world is protected by a password of your choice. That choice is a difficult one to make, and making the wrong choice can have disastrous consequences for you and your business.
It's been reported that 2014 was the year of Secure Shell Brute Force, overtaking the malicious code method that prevailed for the two years prior (Source), and at the start of 2015 our forensics team have noticed a further increase in these types of attacks against online authentication pages. Whilst Brute Force attacks are easy to detect with the right software, by the time you've detected it the intruder has already accessed your system and perpetrated the attack. For this reason, it is essential to be pro-active about ensuring your passwords are secure and fit-for-purpose.Advice on choosing a secure password varies, but it's generally accepted that a secure password is unique, long, and contains as many different types of characters as possible (uppercase, lowercase, punctuation etc). A password of "wci9Q*5at+kb" is far more secure than your pets name or your date of birth, but is an order of magnitude more difficult to remember. According to research, one person has an average of 17 private passwords and 8.5 work related passwords to remember (NorSIS Password Survey 2012), and it's going to be near impossible for the average person to commit 25.5 unique, long, gibberish passwords to memory. This means that the user has to make a sacrifice - either sacrifice the ability to actually remember your password, or sacrifice the entire security of your website because of a poor password choice.
Thankfully, there are solutions out there that mean that you don't have to make that sacrifice anymore. Password managers come in many different shapes and sizes, but all have one single goal - to securely store your passwords so that you don't have to worry about remembering every single one of them. This means you can secure your website with strong, difficult to guess and unique passwords without sacrificing the conveniance of logging in easily. Most password managers also come with a password generation facility, which will make generating a secure, random password as easy as clicking a button. The only caveat is that you must make sure your master password - the single password that allows you access to your password manager - is secure itself, but it's far easier to remember one secure password rather than 25.