Threat Intelligence Blog

ncsam

 

By: Michael Perry

October is National Cyber Security Awareness month (#CyberAware), and we’re excited to be a 2015 Champion! This initiative, a joint effort of the Department of Homeland Security and National Cyber Security Alliance, is observed every October and was created as a collaborative effort between government and industry to help people stay safer and more secure online.

In support of this campaign, we’re releasing an educational blog post and infographic each Thursday covering different cybersecurity topics. Today’s topic, for example, is password padding. While you might already be familiar with this topic, we invite you to share this article with friends, family, and colleagues – and who knows, you may learn something new, too!

What is password padding?

Many data breaches happen due to accounts being compromised by weak passwords and the perception that as an individual, your online accounts won’t be a target for malicious hackers. Password padding refers to the practice of making your password longer, and therefore harder to breach, by adding extra characters to the beginning or end (or both!) of your password. Padding your password is something you can do on your own, or by using a password manager. Either way, it doesn’t have to be hard!

It can turn a simple-to-crack password into a strong password that is more difficult for bots and hackers to breach via the usual password cracking techniques, such as online and offline fast cracking scenarios, dictionary attacks, and brute force cracking. Extra characters can deter malicious actors in a time/effort vs. reward scenario.

Many people, whether in their role as a consumer or an employee,  don’t understand the importance of having a strong password. In 2014, more than 1 billion passwords were compromised, yet only 13 percent of online consumers update their passwords after hearing about a breach.

Pavel Krcma, Sticky Password CTO suggests, “Make sure that password rules your organization puts in place reflect the importance you place on them. Too many intra-company rules are perceived as make-work (e.g. forcing password changes every month, storing passwords in plain text, etc.) and not as a serious security factor. This perception – right or wrong – can lead to sloppy security, violations, and even data breaches! A password manager can provide you with the length and the unpredictable elements for all of your unique passwords.”

View our infographic to learn more about password padding and how to create a unique, hard-to-crack password.

Padding_Infographic_600

Contact us for more information on Cyveillance Solutions for your business.

Additional Posts

Cyveillance Weekly Phishing Report – October 5, 2015

  Phishing Report: Top Targets Week of September 27 - October 3, 2015 Author: Robert McDaniel ...

LookingGlass Weekly Threat Intelligence Brief: September 29, 2015

  We publish this weekly threat intelligence brief keep you informed on the latest security ...