Table of Contents
Did you know that in 2023, according to the company find out (specializing in digital security), at least 2,7 million Brazilian user accounts were compromised by cybercriminals? Faced with this alarming scenario, in this tutorial, we will explain some strategies on how to create strong password to protect your personal information, accounts and online services:
Avoid weak passwords
If you put the password on your home's Wi-Fi 12345678, know that weak passwords like this represent a major vulnerability for your digital security. One study carried out by the password management service North Pass revealed that common names, simple numerical sequences and terms related to football teams are among the passwords most frequently found in data leaks in Brazil in 2023.
Passwords like lucas123, admin e 123456 were widely used, which makes the work of cybercriminals easier. The password lucas123, for example, appeared 3.993 times in leaks and ranked 27th among the most common. Default passwords like admin e 123456 topped the list, used 204.846 and 137.551 times respectively. The study of North Pass analyzed a database of more than 4 terabytes created from leaks available on the internet. The most alarming finding is that weaker passwords can be cracked in less than a second with the use of automated programs.
Passwords related to football teams are also popular among Brazilians. The password Flamengo was identified 2.257 times, while “palm trees” appeared 1.073 times. Other common passwords include Brazil e 123456789. The simplicity and predictability of these passwords make them easy targets for brute force attacks, where hackers try every possible combination until they find the right one.
Check out the 10 most common weak passwords in leaks in Brazil, according to NordPass:
- admin (204.846 cases)
- 123456 (137.551 cases)
- 12345678 (46.666 cases)
- 102030 (28.034 cases)
- 123456789 (24.834 cases)
- 12345 (22.426 cases)
- gvt12345 (10.684 cases)
- 12345678910 (9.710 cases)
- password (8.687 cases)
- 111111 (8.432 cases)
create strong passwords
Strong passwords are those that combine upper and lower case letters, numbers and special characters, in such a way that they are difficult to read by people other than the owner of the password. To create your strong password, you must:
- Do not use obvious or personal information: avoid using obvious information, such as dates of birth, names of family members or pets, personal data and simple numerical sequences;
- Do not use dictionary words: “Dictionary attacks” are a common technique used by cybercriminals, who use automated programs to test a vast list of words and combinations found in dictionaries to guess passwords. Simple words, even when combined with numbers, are more vulnerable to this type of attack.
- Have a good total of characters: use at least 12 characters for your password;
- Think of something difficult to create but easy to remember: Use a phrase, piece of music or saying that you like and replace some letters with numbers and characters. This will make it easier for you to remember the password;
- Do not repeat passwords: avoid using the same password on other accounts. Try creating variations or patterns that are easy to remember.
Examples of strong passwords that are still easy to remember can be combinations of phrases and characters like a piece of music ( @ind@Lembr0d0quep@ssou ), or a combination of words that do not make clear sense ( G@ton@l@v@nder1a ). Note how easy it is for you to remember them, but they are still strong passwords.
Use a Password Generator
Another way to create your password, without having to think too much, is to use a random password generator. Randomly generated passwords are highly complex and difficult to crack using brute force or dictionary attacks. They do not follow any predictable pattern, making them virtually impossible for humans or automated programs to guess.
Although random passwords can be more difficult to remember than word- or phrase-based passwords, the additional security they offer makes up for this inconvenience. Therefore, whenever possible, opt for random passwords to ensure the protection of your personal information and the security of your online accounts.
Password generators are often part of browsers like Google Chrome, and also operating systems, such as iOS da Apple . And there are also password generator sites, like Avast and Norton.
Use a Password Manager
password managers These are mobile and PC apps that everyone should use. These tools store your passwords in encrypted form and automatically generate complex passwords, eliminating the need to memorize multiple difficult combinations.
Additionally, password managers make it easy to autofill passwords on websites and apps, making the login process faster and more convenient. And everything is protected by a master password (meaning you only need to remember it), PIN or biometrics. See the best known:
Google Password Manager
O google password manager is a tool integrated into the browser Google Chrome, which offers the ability to store and manage passwords securely. Available to device users Android, iOS, Windows and Mac, it automatically synchronizes passwords between devices such as cell phones, tablets and PCs, ensuring you always have access to your credentials when needed.
Google's password manager is free and can be activated in your browser settings by clicking on the three points in the top right corner of the browser, then click passwords and autofill and, finally, in google password manager.
To learn more, visit this tutorial about Google Password Manager.
Apple Manager (iCloud Passwords)
O Apple password manager, known as iCloud Passwords, is an essential part of the Apple ecosystem, available to device users iOS, macOS and Windows. O iCloud Passwords allows you to store and synchronize passwords securely through iCloud, ensuring your credentials are always available on all your devices Apple .
Additionally, the service offers advanced features such as automatically generating strong passwords and the ability to autofill passwords on websites and applications. O iCloud Passwords is free for users of the ecosystem Apple , and can be activated in the settings of compatible devices by clicking settings on the iPhone and then on the option Passwords.
Microsoft Authenticator
O Microsoft Authenticator is a free application integrated into Windows and available for iOS and Android which offers an additional layer of security through multi-factor authentication. In addition to generating two-factor verification codes, the app can also be used to store passwords securely. While it's not a full-featured password manager like others on this list, it offers a convenient option for those who want an integrated solution with Apple's multi-factor authentication. Microsoft and other supported services.
Samsung Pass
O Samsung Pass is a password manager available on devices Samsung Galaxy, which offers advanced password storage and autofill features. Integrated into browsers Samsung Internet and Google Chrome on compatible devices, the Samsung Pass offers a simple and safe using experience.
The service is free for users Samsung and can be enabled in the settings of supported devices, providing a convenient way to manage your passwords and keep your accounts secure. To access, search for Settings in the Galaxy menu, then click Safety and PrivacyFollowed by More security settings and finally in Samsung Pass.
safeincloud
O SafeInCloud is a paid password manager available for Android, iOS, Windows and Mac, which offers a series of advanced security features. With strong encryption for password storage, support for cloud synchronization (e.g. Google Drive, Dropbox), generation of secure passwords and automatic filling, the SafeInCloud offers a complete solution to securely manage your credentials.
The app is paid, but it offers a free trial period so users can try out its features before deciding to purchase. To know more about him, click here.
We also have a complete article on the topic, which you can access here: best password managers.
Enable two-factor authentication
Two-factor authentication (2FA ou two step verification) is an additional security measure that can be used to protect your online accounts. With it, in addition to entering your password, you also need to provide a second authentication factor, such as a code sent to your cell phone or generated by an authentication app. This adds an extra layer of security because even if someone discovers your password, they will still need the second factor to access your account.
We highly recommend enabling two-factor authentication on all online accounts that offer this feature, especially on sensitive accounts such as emails, social media, and banking. It makes it much more difficult for hackers to access your accounts, even if they have your password. It is a simple but effective measure that can protect your personal information and ensure the security of your online accounts. See how to activate this in the main web services:
Other tips for protecting your passwords
It's not enough to create a good password if you don't protect it correctly, right? There are several simple measures you can take to increase the security of your passwords and prevent them from being compromised. Look:
Don't share your passwords
Sharing passwords with others, even if you trust them, significantly increases the risk of compromising the security of your accounts. Even if the intention is to facilitate access to certain services, such as in work or family environments, it is important to remember that each person must have their own access credentials.
When you share your passwords, you lose control over who has access to your accounts and may be subject to different types of risks, such as identity theft, invasion of privacy and unauthorized access to personal and financial information. Therefore, it is crucial to keep your passwords confidential and not share them with anyone, thus ensuring the security and privacy of your online accounts.
Never send passwords via email and messages
Sending passwords via email and messages is an insecure practice that can expose your credentials to security risks. Emails and text messages are not considered secure channels for sending sensitive information, as they can be intercepted by hackers or accessed by unauthorized third parties. Additionally, these communications may be stored on the servers of email providers or messaging applications, further increasing the risk of your passwords being exposed.
Write down passwords in safe places
Don't write down your passwords on notepads, post-its or any physical place that can be accessed by someone else, okay? Also, never use Google Keep or any notes app without a password for the same purpose.
These locations can be compromised in the event of loss, theft or unauthorized access to the device, or even by someone who visits your home and finds your famous pad. To ensure the security of your passwords, consider using more secure storage methods, such as a password manager, like the ones mentioned above.
Change passwords immediately after suspected hacking
If you notice suspicious activity such as unauthorized logins, password change confirmation emails that you didn't request, or unusual activity on your accounts, it's important to act quickly and change your password. This may prevent attackers from continuing to access your accounts and protect your personal information.
Update your passwords regularly
Updating your passwords regularly is an important practice to ensure the security of your online accounts. It's recommended that you change your passwords at least every three months, or more frequently if you suspect any suspicious activity on your accounts.
Conclusion
Now that you've learned how to create secure passwords and protect them correctly, it's easier to protect your personal data and access, right? Always remember to keep your passwords up to date and use secure methods to manage them. Protecting your personal information requires constant vigilance to ensure your accounts remain secure.
See also:
Sources: Microsoft, Google e Forbes.
Discover more about Showmetech
Sign up to receive our latest news via email.