Are You Password Walking?

June 7, 2018 | Posted by Daniel Bohan | IT Security

How Secure Are Your Passwords?

Entering a password is a daily occurrence in almost everyone’s life. The average user has at least 90 accounts that require passwords, according to a 2015 DashLane blog by Tom Le Bras. Those numbers have only risen since 2015 as technology has become an integral part of daily life. Many people are frustrated with the number of passwords they are expected to keep track of and, as a result, end up using the same password across multiple accounts, using simple passwords, or both. Because of this, most companies have systems in place to prevent lazy password selection. The most common of these strategies is the implementation of password length and complexity requirements. In theory, these password policies beef up account passwords so both client and company are safer from cyber-attacks. However, recent studies have shown that these attempts to improve security haven’t done much.

Nearly all security breaches involve at least one set of compromised credentials. These breaches uncover a pattern of lazy password selection called “password walking”. Password walking means entering characters in the order they fall on a standard keyboard, and it can produce a password that fulfills complexity requirements while still being very insecure. Some examples of password walking are qwertyu, 1qaz2wsx, or cde#xsw@. By looking at a keyboard, it is easy to see that these combinations of letters, numbers, and special characters fall in order. This makes them attractive to a user because they are easy to remember and type. However, passwords of this type are also very easy for an attacker to crack. Other password patterns, including family names, sports teams, popular brands, music, and movies, are further examples of insecure password choices exploited in recent security breaches. These password selection patterns make cracking passwords easier than ever.
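A password policy check can catch these walks by looking at where the keys sit rather than at which character classes appear. The following is an added example, not code from the original post; it assumes a US QWERTY layout, and the 0.7 threshold and minimum length of 6 are illustrative choices.

```python
# Added example: keyboard-walk detector for a password policy check.
# US QWERTY layout assumed; threshold and min_len are illustrative choices.
ROWS = ["1234567890-=", "qwertyuiop[]\\", "asdfghjkl;'", "zxcvbnm,./"]
SHIFTED = ["!@#$%^&*()_+", "QWERTYUIOP{}|", 'ASDFGHJKL:"', "ZXCVBNM<>?"]

# Map every character to the (row, column) of the physical key that types it,
# so '#' and '3' (or 'Q' and 'q') resolve to the same key.
KEY_POS = {}
for layer in (ROWS, SHIFTED):
    for r, row in enumerate(layer):
        for c, ch in enumerate(row):
            KEY_POS[ch] = (r, c)


def adjacent(a, b):
    """True if keys a and b touch on the staggered keyboard (or are the same key)."""
    if a is None or b is None:       # character not on the main key block
        return False
    dr, dc = b[0] - a[0], b[1] - a[1]
    if dr == 0:
        return abs(dc) <= 1          # left/right neighbour, or a repeated key
    if dr == 1:
        return dc in (-1, 0)         # row below sits half a key to the right
    if dr == -1:
        return dc in (0, 1)          # row above sits half a key to the left
    return False


def walk_ratio(password):
    """Fraction of consecutive character pairs typed on touching keys."""
    keys = [KEY_POS.get(ch) for ch in password]
    if len(keys) < 2:
        return 0.0
    steps = sum(adjacent(a, b) for a, b in zip(keys, keys[1:]))
    return steps / (len(keys) - 1)


def is_keyboard_walk(password, threshold=0.7, min_len=6):
    """Flag passwords that are mostly a path across neighbouring keys."""
    return len(password) >= min_len and walk_ratio(password) >= threshold


if __name__ == "__main__":
    # The three walks named in the article, plus one constructed non-walk.
    for pw in ["qwertyu", "1qaz2wsx", "cde#xsw@", "Tr7#mK9$pLw2"]:
        print(f"{pw!r}: ratio={walk_ratio(pw):.2f} walk={is_keyboard_walk(pw)}")
```

All three passwords from the paragraph above are flagged even though two of them mix digits, letters and symbols; each has a single jump where the walk restarts at the top row.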

So How Do You Make a Secure Password?

There are several best practices to follow to ensure your passwords are secure and will stay secure. The first step is understanding the importance of creating and maintaining strong passwords and the damage that can be done to you and your organization with one set of compromised credentials. Strong passwords help prevent identity theft and are the first line of defense in keeping your financial and personal information safe.

First, consider the age of your current password, and where else this password may be valid. A breach of one site or service could put your other accounts at risk if they share the same password. Select unique passwords for sites and services that store or process sensitive information. Additionally, passwords should be at least twelve to fourteen characters long. The best defense against brute-force password attacks is password length. In general, the longer the password, the more time and computing power are required to crack or guess it. Finally, even the strongest passwords are useless if they are not stored securely. This means ditching the sticky note on your desktop and storing this information in a password manager or encrypted document with appropriate access controls.

There are other ways to protect your accounts and information if a password is stolen or otherwise compromised. Multifactor authentication is the strongest option to stay secure, since access to an account is no longer granted with just a password. Multifactor authentication works by performing additional verification at the time of login. This generally includes sending a text message, email, or other notification with a code needed to proceed with the login. Many popular internet services and applications support multifactor authentication. Arm yourself with these good password habits and protect your information from the vulnerability created by weak or compromised credentials.

 

References:

http://www.connectsafely.org/tips-to-create-and-manage-strong-passwords/

https://www.microsoft.com/en-us/research/wp-content/uploads/2007/05/www2007.pdf

https://blog.dashlane.com/virginia-tech-passwords-study/

https://blog.dashlane.com/infographic-online-overload-its-worse-than-you-thought/
