Roskachestvo: Password Length for Email and Social Networks Should Be At Least 16 Characters
According to experts from the Roskachestvo Digital Expertise Center, passwords for online accounts, including email services, messengers, and social networks, should be no shorter than 16 characters. Specialists shared this and other recommendations for protecting personal data.
Roskachestvo noted that major data leaks often occur when hackers breach online service databases. These databases frequently contain millions of user accounts, complete with logins and passwords. Once attackers gain access to such a database, they can sell it on the «dark web» or use the credentials for further malicious activities.
Experts explained that even if an online service uses cryptographic algorithms to store passwords (a process called hashing, which transforms data into symbols of a specific length), attackers can potentially bypass this protection using so-called «rainbow tables.»
A rainbow table is a massive database containing pre-calculated hashes (unique digital «fingerprints» of data) for the most common passwords. If your password is too simple (like «123456» or «qwerty»), it is highly likely already in a rainbow table and can be cracked almost instantly.
Hackers who obtain a database of hashed passwords begin attempts to find matching combinations using various methods. For example, they might take a list of the most common passwords and compute their hashes. If the hash of one of these common passwords matches a hash in the breached database, the corresponding password is cracked.
Users often apply the same simple password for different services. By hacking one account, an attacker can gain access to others, including those linked to bank cards and other personal information.
Roskachestvo emphasized that protecting personal data requires diligent attention to password security, following established rules. Experts stated that a password should be at least 16 characters long and include a mix of uppercase and lowercase letters, numbers, and special symbols. They also advised against using easily discoverable personal information such as names, pet names, or birth dates, as this information is often publicly available.
Furthermore, Roskachestvo specialists recommended changing passwords for important accounts at least once every six months. Another crucial piece of advice is to use unique passwords for different online services. This practice prevents a chain reaction effect where the compromise of one account could lead to unauthorized access to many others.
In related news, it was recently reported that scammers have devised a new method to deceive Russians on Telegram. Attackers compromise a messenger account and record a video seemingly from the account holder (pretending it`s their birthday) requesting money transfers.
