![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3-150x150.webp "Crafting Unforgettable Passwords: A Guide for Developers")
Data breaches, phishing attacks and identity theft have been increasing, and the cause is usually easily compromised passwords. After stealing someone’s credentials the cybercriminals will use those passwords to conduct ransomware attacks against companies, use people’s payment information for purchases, and spy on users through WiFi-connected smarthome devices like security cameras and doorbells. Shorter passwords are not strong enough to provide the necessary account security.
Best practices for creating secure passwords
There are a few simple best practices that you and your company can follow for creating secure passwords. Number one, all passwords should be no less than 16 characters. Password-related research has found that 46.3% of Americans use passwords of eight characters or less, which are less secure than longer passwords. Number two, passwords should include combinations of letters, numbers, and characters. You should make sure to use both uppercase and lowercase letters. Number three, no password should be shared with any other account. Passphrase generators use all of these strategies to generate strong passwords.
Ideally, every password should be used only once so that any data breach that compromises your password on that service will not put your other accounts on other websites, or your banking accounts, or your company email at risk of also being breached. Number four, no password should include any of the user’s personal information like their address or phone number. It is also advisable to never include any information that can be accessed on social media like your kids’ or pets’ names. Number five, password shouldn’t contain common sequences of letters or numbers. Number six, your password should never contain the word “password” or the same letter or number repeated.
Impact on Businesses
Compromised passwords caused 80 percent of all data breaches in 2019. These cyber attacks resulted in billions of dollars in financial losses for both businesses and consumers. Internationally, the average cost of data breaches in 2020 for the average business was $3.86 million, according to IBM research. The U.S. average cost, in contrast, was the highest topping out at $8.64 million.
In the manufacturing industry specifically, malware that captured credentials and grabbed passwords resulted in 922 cybersecurity incidents in 2020. 73% of these incidents were motivated by financial gain while 27% of these incidents were for espionage or to obtain private information about a targeted individual or company.
Help us on our quest to make passwords more secure!
Your contribution to our cause is highly appreciated!
Donate Now!
![A string of random characters typically has higher entropy compared to a few common words due to the vast number of possible combinations. For example, a 10-character lowercase password has roughly the same entropy as a 4-word passphrase picked from a 5000-word dictionary [5].](https://passwordclinic.com/wp-content/uploads/2024/06/automation-section-3.webp)
