Passwords - The First Line of Defense Against Unauthorized Access

ChatMail   |   May 1, 2022

Passwords - The First Line of Defense Against Unauthorized Access

Just because you use an encrypted phone doesn’t mean you can ignore proper password protocol.

We often hear of users choosing to use the same password for their personal and encrypted device for ease of use. We strongly discourage this. Your password is your first line of defense against unauthorized access and creating a unique and strong password is paramount to protecting your confidential information.

Not only do you need to ensure the password on your ChatMail™, device is unique from any other password you use, but you also need a different password for each access points on your phone. That means you need one password for your device lock screen, a separate one to use the ChatMail app, and a PIN for your notebook. If you set a Duress password, it too must be unique from all the others.

How To Create A Strong Password

Did you know that a password, made up of just numbers, is no defense against hackers, even when you use 16-characters? The strongest passwords are alphanumeric, mixing both upper- and lower-case letters, numbers, and symbols. You should use between 10 to 12 digits. You don’t want to make it so long that you can’t remember it, but you need to make it strong enough to protect yourself. Don’t use birthdates, license plates, or other easily identified characters associated with you.

Substituting special characters and numbers for letters in a word is one way of coming up with a strong password. Instead of hippopotamus, you could disguise your password by entering H19p0P@+A”u$ and, according to the site How Secure Is My Password, it would take 46 million years for a computer to crack.

When creating a strong password, avoid using adjacent keyboard characters. Hackers can instantly access your device if your password is QWERTY. Even mixing adjacent numbers and characters like %6789)-+ would only take three seconds to crack. Similarly, sequential combinations like abcdefgh are too easy to guess.

How Hackers Infiltrate Passwords

Hacking is both time-consuming and, without the assistance of technology, may have limited success. Therefore, hackers employ software to take the guess work to a higher level of sophistication.

Although ADBS is disabled on a ChatMail device, which protects you if a hacker gets a hold of your phone, know that your other devices are vulnerable to brute force attacks. (An important note if you have not created secure passwords for each device.)

Hackers will try to break into your phone using standard password combinations. Sometimes hackers use information gleaned from your online profile, i.e., social media. That’s why we emphasize the need for both strong and unique alphanumeric passwords.

10 Additional Safety Tips to Consider

  1. Ensure no one is watching you enter your password (consider a privacy screen protector)
  2. Get into the habit of deleting messages when you’re finished with them
  3. Set your “message time until delete” to the shortest number of days
  4. Set your “key store timeout” to the shortest number of minutes
  5. Configure a Duress Password to wipe your device
  6. Generate a new private key every 3-6 months
  7. Change your username every 3-6 months
  8. Enable the 2FA PIN for your notebook
  9. Never use the same password twice
  10. Never tell anyone your password

ChatMail. Engineered for Security. Designed for Privacy.