People fall prey to cyber attackers often who take advantage of a weak password that can be cracked in minutes.
Having Big Password Energy is all about being cyber confident and capable by making sure your device and online accounts are protected with the mean-est, strong-est passwords around.
That’s the message from government cyber security agency CERT NZ, which has launched a campaign to encourage the use of passphrases as a way of remembering long passwords.
“While the Big Password Energy campaign is fun and a bit tongue-in-cheek, the reality is serious. Too many New Zealanders use easy-to-crack, short passwords and often they use the same passwords in multiple places. Because of this they’re at real risk of having their online accounts broken into by cyber attackers,” says Sam Leggett, Senior Analyst, Threat and Incident Response at CERT NZ
“Our research has shown that many New Zealanders view password security as not that important, and too many kiwis put cyber security advice in the ‘too hard’ basket. Big Password Energy is designed to simplify the advice and show people how easy it can be.”
The campaign is aimed specifically at New Zealanders aged 18-34.
“We know from our research that this group is highly confident online but less likely to take steps to protect themselves. It’s a demographic that experiences a higher-than-average amount of cyber-attacks and are more likely to be the victim of scams – particularly those involving social media or their online profiles.
“Despite this, only half of them will use strong passwords, and two thirds will use the same password multiple accounts.
“Our campaign introduces the idea of passphrases to this group through humour, as a way of engaging them in creating long, strong passwords,” Leggett says.
CERT NZ recommends to use a passphrases made up of four or more random words to keep your valuable information secure.
A passphrase is a string of four or more random words. The more characters a password has the harder it is to crack. Whereas a simple short password like ‘Mittens96’ could take attackers just seconds to brute force, a passphrase like ‘MyPerfectlyTrimmedHedge’ would take centuries using the same method.
Table below shows how different passwords compare in terms of strength. These estimates were created with the ZXCVBN algorithm, that uses various methods, including brute force guesses and dictionary attacks, with increasing guesses-per-second.
“Big Password Energy shows how just choosing things from around you can make a great password,” says Leggett.
CERT NZ is the government agency that works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents.