The password dilemma: simple and crackable, or strong and forgettable?

Simple passwords are easy to crack, complex ones hard to remember. Using one strong password for all logins isn’t safe. What’s the solution?

Coming up with strong and unique passwords that are easy to remember may seem as a mission impossible. But it’s not: here’s how to make them.

Whether we are talking online shopping or bill paying, and don’t forget social networking, our modern lives require accounts, dozens of them. Each service tells you to come up with login and password, and every time the question arises: What should you use? And everyone has their own solution for that.

The password dilemma

Most people know full well that passwords are the first line of defense against cybercriminals. And we have repeatedly blogged about the importance of strong passwords — long and including special characters, numbers, and upper- and lowercase letters. Moreover, each account needs a unique password; reusing passwords is unacceptable.

However, the stronger the password, the easier it is to forget. And that can cause problems, as you surely know. As a result, lots of people decide not to bother and create one password for all sites, or even use their own name and date of birth as passwords. Naturally, this makes their data easy prey.

Kaspersky Lab carried out a study to find out which password selection strategy is most common among users and why.

So strong even I can’t sign in

Unique and complex passwords are a good thing, of course. People use them most frequently for bank accounts (63%), some payment systems (42%), and online stores (41%). But as we already said, such passwords are difficult to remember, and losing access to your mobile bank can be a real pain.

It would seem logical, then, to make a note of such passwords so as not to forget them. However, half of those polled do not store password memos in a particularly safe place. And even the strongest password in the world won’t protect you if an attacker finds it written down. There are no absolutely safe places for keeping passwords, unless they happen to be encrypted at the same time. But then you have to remember the cipher….

Weak and memorable

In an attempt to escape the dreaded “incorrect password” message, many users opt for convenience over security. To avoid the pitfalls of memorizing multiple passwords, about 10% of users choose the same one for all sites, thereby inviting cybercrooks to hack into not one, but all of their accounts in one go.

The invitation is warmly received: In the last year alone, 17% of respondents reported a hacking attempt on at least one account. The most popular targets were e-mail accounts (41% of all cases), social media (37%), and banks and online stores (18% each).

Don’t despair just yet

Instead of trying to find a balance between convenience and security, you can kill two birds with one stone by installing Kaspersky Password Manager, which stores all of your account details in a safe place. You’ll need to remember just one master password; the service handles the rest. What’s more, it can generate secure passwords that are very difficult to brute force — and enter them for you on demand.

Tips