The number of sites we’re all using is increasing and, for most of us, the number of passwords we’re using is decreasing. Read on to see how you’re at risk and what you can do.
Over at Ars Technica they’ve shared an extensive writeup that could be accurately re-titled “The Sad State of Password Security Today”, in the introduction they write:
The average Web user maintains 25 separate accounts but uses just 6.5 passwords to protect them, according to a landmark study (PDF) from 2007. As the Gawker breach demonstrated, such password reuse, combined with the frequent use of e-mail addresses as user names, means that once hackers have plucked login credentials from one site, they often have the means to compromise dozens of other accounts, too.
Newer hardware and modern techniques have also helped to contribute to the rise in password cracking. Now used increasingly for computing, graphics processors allow password-cracking programs to work thousands of times faster than they did just a decade ago on similarly priced PCs that used traditional CPUs alone. A PC running a single AMD Radeon HD7970 GPU, for instance, can try on average an astounding 8.2 billion password combinations each second, depending on the algorithm used to scramble them. Only a decade ago, such speeds were possible only when using pricey supercomputers.
If you’re one of those people who maintains a laundry list of frequently visited sites but a very short list of frequently used passwords, it’s definitely time to beef things up. Start by reading our emergency guide How To Recover After Your Email Password Is Compromised–even if your email hasn’t been compromised it’s a great starting point for analyzing and improving your password practices. Follow that up with The How-To Geek Guide to Getting Started with LastPass and you’ll exponentially increase the variety and quality of your passwords.
For more a more in-depth look at the problem of duplicate passwords, security compromises, and the ease in which crackers are acquiring more and more password lists, hit up the link below for the full and fascinating article at Ars Technica.
Why passwords have never been weaker—and crackers have never been stronger [Ars Technica]