Access to our modern world

Passwords have become part of everyday life. In fact, it can be difficult trying to remember them all, particularly this time of year when we take fortnight holidays. We are all now very familiar with the ‘Forgot my password’ link and it is easier than ever to overcome our poor memories by resetting our password with a few familiar private security questions.  With so many online accounts to keep up with, both at work and in our personal lives, it is tempting to choose something simple and memorable. It is also a common habit to choose the same password for accessing a multitude of logins.

Revealing our identity

The random words we generate from our psyche to create a password, can often reveal more about our personalities than we think. British psychologist Helen Petrie, Ph.D claims the passwords we create are a 21st century Rorschach inkblot test revealing insights into our true personalities. Petrie is a professor of human and computer interaction at City University in London. Following a City of London University study of 1,200 Brits, she identified four password genres:

  1. Family orientated (nearly half of respondents) – select their name, their nickname, the name of a child partner and/or a birth date. They have strong family ties and choose passwords that symbolize people or events with emotional values.
  2. Fans (one third of respondents) – select names of athletes, singers, film stars, fictional characters or sports teams. This group are mostly younger people who want to ally themselves with the lifestyle represented by a celebrity.
  3. Fantasists (eleven percent of respondents) – select phrases to elevate themselves in their imagination and are often sex based such as sexy, stud or goddess.
  4. Cryptics (the remaining ten percent of respondents) – select unintelligible passwords or random string of letters, numbers and symbols. These are the safest choices but far less interesting.

Passwords provide an insight to our personalities for two reasons. First, they are generated on the spot. “Since you’re focused on getting into the system, you’re likely to put down something that comes readily to mind,” says Petrie. “In this sense, passwords tap into things that are just below the surface of consciousness, much the way Rorschach and word-association tests do. Also, to remember your password you pick something that will stick in your mind. You may unconsciously choose something of particular emotional significance.”

Protecting passwords

Beside from drawing out hidden aspects of our personality, the key function of a password is to keep us secure. If we fall into the family or fan category, where we prefer to use pet names or celebrities, it is a common assumption that if we replace some letters with numbers, we make our passwords more secure. This practise was promoted as best practise by many experts a decade ago. One of these advisors, Bill Burr who recommended this approach back in 2003, now regrets his advice stating in a recent interview with the Wall Street Journal that he was ‘barking up the wrong tree.’

The latest advice for secure passwords

Current guidelines from the British National Cyber Security Centre no longer suggest passwords should be frequently changed, because people tend to respond by making only small alterations to their existing passwords – for example, changing monkey4 into monkey5 – which are relatively easy to deduce.  In addition, it has been demonstrated that it takes longer for computers to crack a random mix of words – such as cowstonecakerun – than it does for them to guess a word with easy-to-remember substitutions – such as p4ssw0rd1.  It is recommended to choose a password with over 16 characters with a random mix of letters, numbers and symbols.

Speak to a member of our team on 01293 871971 or email enquiries@m2computing.co.uk if you have any questions about cybercrime or IT security.