Audensiel assists its clients in the governance of cybersecurity issues as well as in the management of data defence and security projects. Today, passwords are essential and ubiquitous wherever accounts are used. But is the chosen password really as secure as we think?
A complicated combination choice
Generally, the user is asked to set a password containing an uppercase letter, a lowercase letter, numbers and a special character. Bill Burr gave this advice in 2003 through the US agency NIST. However, such a combination is difficult for the user to remember, especially when every tool in use requires its own password. Moreover, despite the apparent complexity of the password, it is very easy for a hacker to break it.
In 2017, Bill Burr went back on his advice, proposing instead to use a sentence or a series of words.
Best practices for an effective password
1/ Avoid an overly simple password: according to the study by Hive Systems and France Num, a hacker can find a password of less than 8 characters in a few seconds.
2/ Choose a long and robust password: if you opt for a password consisting of numbers, upper- and lowercase letters and symbols, it must contain at least 11 characters to be sufficiently secure against hacking. If you choose a sentence or a sequence of words, it should be long enough. The ideal length for a strong password is 17 characters.
3/ Adapt to hacking: hackers take less and less time to find passwords. In 2020, a complex 8-character password could be found in 8 hours. In 2023, it takes 5 minutes.
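The length thresholds from the list above can be turned into a simple check. This is an added example, not code from Audensiel or the cited study; the guess rate, the character-class table and the sample passwords are assumptions constructed for illustration.

```python
import math
import string

# Assumption: attacker guess rate for an offline attack; not a figure from the article.
ASSUMED_GUESSES_PER_SECOND = 1e10

# Length thresholds taken from the article's recommendations.
MIN_LENGTH = 8            # shorter passwords are found in seconds
MIN_COMPLEX_LENGTH = 11   # upper + lower + digits + symbols
IDEAL_LENGTH = 17         # ideal length, e.g. a sentence or sequence of words

CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "symbol": string.punctuation + " ",
}

def alphabet_size(password):
    """Sum the sizes of the character classes the password draws from."""
    return sum(len(chars) for chars in CLASSES.values()
               if any(c in chars for c in password))

def search_space_bits(password):
    """log2 of the exhaustive-search space: length * log2(alphabet)."""
    size = alphabet_size(password)
    return len(password) * math.log2(size) if size else 0.0

def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to try every candidate of this length and alphabet at the assumed rate."""
    return 2 ** search_space_bits(password) / rate

def assess(password):
    """Apply the article's length thresholds and return a verdict string."""
    uses_all_classes = alphabet_size(password) == sum(len(c) for c in CLASSES.values())
    if len(password) < MIN_LENGTH:
        return "reject: under 8 characters"
    if len(password) >= IDEAL_LENGTH:
        return "strong: ideal length reached"
    if uses_all_classes and len(password) >= MIN_COMPLEX_LENGTH:
        return "acceptable: full character mix, 11+ characters"
    return "weak: lengthen the password"

if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for pw in ["Tr0ub4!", "P@ssw0rd", "G7#kq!Zp2x$", "purple tractor sings"]:
        print(f"{pw!r:24} {search_space_bits(pw):6.1f} bits  "
              f"{worst_case_seconds(pw):.2e} s  {assess(pw)}")
```

The search-space figure is an upper bound that assumes every character is chosen at random; predictable choices such as dictionary words with common substitutions are found far sooner than the estimate suggests.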
Cybersecurity by Audensiel
Audensiel works with clients in all sectors of activity to support the implementation of information security governance.