Why Your Passwords Should Be at Least 11 Characters Long

It's hard to picture a world without passwords. Can you imagine what that would be like?

Consider this scenario: You wake up, and your social media account is flooded with posts about how much you hate your dog. Or maybe someone withdrew all your money from your bank account and spent it on a trip to the Bahamas. Everything that is supposed to be personal and private to you can be accessed by just about anyone, all because there is no password to keep everyone else out.

This is just a hypothetical example, but the consequences can still happen to you. Even with the existence of passwords, if we don't start taking security seriously now, there will be no stopping cybercriminals from stealing our private data and using it for their own gain.

A Brief History of Passwords

It may seem that passwords are a relatively new concept in the history of mankind, but they've already been around for centuries. The Roman military in Julius Caesar’s time (around 100 BC to 44 BC) reportedly used passwords for important strategic messages.

They also used a series of letters and numbers to identify Roman citizens. This way, soldiers could tell who was friend or foe when they saw them on the battlefield. A person or group that wants to enter an area will also be asked for a password or watchword, and those who know it will be allowed to pass.

The idea of computer passwords was first presented at MIT by Fernando Corbató in the 1960s, little knowing how significant it would be for modern society. At this time, computers were developed that had the ability to store information about users' personal information. 

These computers were called mainframes and were used primarily by large companies such as banks or insurance companies. They were not connected directly to the internet at this point. Instead, they relied on what we now call offline access points where employees could enter their passwords without having direct access to the internet itself.

At present, passwords are used for almost everything. Most people have about dozens of them, and they even share a few of their passwords (e.g., shared Netflix accounts) with family and friends. 

The Problem with Passwords

Every person who has ever used a computer or phone has created a password. Since passwords are our first line of defense, they’re also one of the first things hackers try to breach.

The problem with most passwords is that they're too predictable. Many people end up using the same passwords for all their accounts, which means that if one of them gets hacked, then all those other accounts are also compromised. Same goes if you have a weak password. Your most sensitive information could fall into the wrong hands—all because someone guessed or brute-forced their way through your password.

What is a brute force attack, you ask?

The name comes from hackers trying to 'force' their way into accounts. A brute force attack involves guessing login information, encryption keys, or hidden web pages through trial and error. A hacker attempts all possible combinations in hopes of eventually making a successful guess. This may be done manually or by using applications and scripts to get the job done much quicker.

Although this is an old attack method, it is still popular and effective among hackers. Cracking a password can take anywhere between a few seconds to several years, depending on how complex it is.

The Importance of Creating Strong and Unique Passwords for Your Healthcare Clinic

Passwords are the cornerstone of cybersecurity. In a healthcare setting, secure passwords are even more critical. Weak passwords can be easily hacked and cause a ripple effect, possibly even resulting in death.

The weakest link in any security system is the human element, so it’s crucial to educate your staff on how to create strong passwords. Many people already recognize that they should have a strong password, but some don't know exactly how to make one or are just simply too lazy to bother. 

Ultimately, all it takes is one hacker finding a crack in your security for them to have access to all of your patient information. From there, the damage could be immense. Therefore, it’s worth creating robust passwords for your practice’s systems, even if it’s going to feel tedious for your staff.

Why Your Medical Staff Should Make Their Passwords 11 Characters Long

By now, almost everyone uses the internet on a regular basis and has dozens of accounts to keep track of. As a result, many people use the same password across multiple services. The risk is even greater if the passwords are easy to guess.

When thinking of a password, it's tempting to be a bit lazy and just use something like "password" or "123456". That is the equivalent of locking the doors to your home with a scotch tape. You might as well invite the burglars in.

Password length is a critical aspect of cybersecurity. The gist is that the longer your password length, the harder it is to break into.

A cybersecurity expert recommends using a password with 11 characters. A password of six or seven characters can be guessed in as little as one second. On the other hand, it takes just over an hour to predict a password with eight characters.

If that’s not alarming enough, the expert also pointed out that a nine-character password could be cracked within three days, exposing your medical practice to cyberattacks. And you know what this leads to — steep fines for HIPAA violations, among other negative consequences.

The expert claims it can take a hacker 41 years to crack an 11-character password. With that, it's well worth it to create such a lengthy password.

More Tips on How to Make Stronger Passwords for Healthcare Workplaces

Creating strong passwords is especially important in the medical field because it deals with highly confidential information. It's possible to outsmart even the smartest hackers with simple techniques if you implement them properly.

These tips will help you strengthen your clinic's passwords and make them more difficult to crack:

• Change your passwords regularly. This will put you one step ahead of hackers who are probably still attempting to guess your old password.
• Use a mix of letters, numbers, and symbols. Avoid using easily guessed words like “password” or personal information such as the name of your pet or your birthday.
• Don’t use the same password for multiple accounts. If there's a breach, the hackers will have access to other accounts in an instant!
• Use a password manager to keep track of your passwords. It can also create strong passwords for you and help you store other sensitive information like credit card numbers and addresses.
• Enable two-factor authentication (2FA) whenever possible. By doing this, hackers will still be unable to gain access to your account even if they guess your password.

Enhance Clinic Cybersecurity Before a Data Breach Occurs 

If you’re using passwords that are less than 11 characters long, you should think about changing them immediately.

Password length is an easy way to add an extra layer of security to your account, as any attack that relies on cracking a simple password will be much more time consuming if it must guess a longer password. It won't stop a dedicated attacker, but it will slow them down, giving you precious time to detect their attacks and change your password before they gain access.

Need help boosting the security of your practice? Schedule a free assessment with one of our healthcare cybersecurity specialists. If you need IT services in Sacramento, California or just about anywhere in the US, we’re available 24/7!