How to protect your passwords from AI
A new era of vulnerabilities
The advent of Artificial Intelligence (AI) has ushered in a new era of cyber vulnerabilities, making it easier for perpetrators to decode passwords, recognize behavioral patterns, and exploit system weaknesses faster than ever before. Preventing access to your document management systems, where you save your client’s vital records, will prevent damage to your brands reputation and significant penalties.
Astonishingly, AI tools like PassGAN can compromise 51% of common passwords within a mere 60 seconds. The numbers grow progressively worse: 61% in an hour, 71% in a day, and a staggering 81% within a month. Clearly, the days of lax password security are over; immediate action is essential. Cybercriminals have many more tools at their disposal to break into your banking, social media, and other accounts. You need a new password strategy immediately.
Best Practices for Password Security
- Longer is better: Don’t use the minimum characters a site will accept. An eight-character password comprising only uppercase and lowercase letters takes 22 minutes to crack. A 12-character password that includes symbols takes about 30,000 years.
- A passphrase is your friend: Instead of one or two words, try a longer “passphrase” that you can remember and then add the finishing touches. Perhaps you choose “I love to visit Hawaii,” which becomes “iluv2v!s!tHawaii.”
- Two-Factor Authentication (2FA): Whenever possible, enable 2FA. This adds an extra layer of security, requiring not only a password and username but also something that only you have access to, like your phone.
- Password Managers: Tools like LastPass or 1Password can manage your passwords for you, ensuring they are strong and unique for every site.
- Regular Updates: Make sure to update your passwords regularly and avoid reusing passwords for multiple accounts to reduce the risk of a breach.
- Be Cautious with Security Questions: Often, the answers to security questions can be easily guessed or found online (e.g., mother’s maiden name, the name of your first pet). Be creative in your answers or treat them like additional passwords.
According to IBM, it takes an organization up to 326 days to identify and contain a ransomware breach. It has never been more crucial to ensure that your knowledge management systems or day-to-day apps have advanced security features turned on and inform your users on efficient password strategies.
Byran Barkley – Legal Alchemist | Technology Solutionist | Integrity Advocate |