At least that’s what we think we’re doing, isn’t it? There we are, at the prompt to create yet another password, and after a few taps on the keyboard, we just know that we’ve included that extra something that only we can add that makes this a great password: long, strong and deceptive. We think we’ve mixed up those upper and lower case letters, numbers and special characters in a way that’s never been done before (shaken, not stirred).
Well, it turns out that our habits may be undermining us by giving away surprisingly plain clues that would reduce the time needed to hack our hand-crafted password from years to a few hours.
Our friends at Le VPN published our blog on password patterns, and we thought you might enjoy it.
When we do something over and over, it often becomes a habit – an internalized pattern that we can do without thinking. Take something like tying your shoes: you’ve been tying your shoes since you were 4 or 5 years old – for so long, that you can do it with your eyes closed. It’s become a habit that your fingers can do without engaging the brain too much.
Habits are like that, they have a way of taking over the way we do things. And that makes life easier, because having to think about the doing part slows us down.
But there are times when our habits and the patterns in which they reveal themselves aren’t a good thing. When it comes to security, patterns can be that dangerous crack in the armor that can be exploited by bad guys.
In the physical world, this can be the pattern of everyday activities that you typically sleepwalk through: where you walk your dog every night, patting your pocket when in public to see if your wallet is there, or something like leaving a key under the ‘welcome’ mat. How long would an observant bad guy have to watch you to discover a pattern that might be exploited to harm you or, at the very least, catch you off guard?
More and more, IT researchers are finding that subconscious patterns are revealing themselves in the darnedest places.
For example, the rhythm and cadence at which you type (i.e. the beat and strength at which you bang away at the keyboard) has for several years now been …
Read the rest at Le VPN.
*Sir Walter Scott (1771-1832)
“Oh, what a tangled web we weave. When first we practise to deceive!” Marmion