EdTech Department
deocrative image

Time to Check Your Passwords

Published on October 14th, 2021

When I think of passwords, and in particular "weak" passwords, an old Mel Brooks movie comes to mind where the villain enters the password of 1, 2, 3, 4, 5 in order to complete his evil plan. Perhaps you are familiar with this movie? Comedy aside, weak passwords are not always as obvious as the one from this movie. Today, you will learn how to do a "password checkup" and see if you have:

  1. Compromised passwords
  2. Reused passwords

After we look at the above two items, you will see how to test your current passwords. This test will inform you how long it would take a computer program (algorithm) to break your password. I found the amount of time it would take to break into my accounts to be very eye opening. My guess is that you will too. Can't wait to see how? Skip to that section now.

Start Your Password Checkup

To get this process started, head on over to Google ( Control+Shift Click or Command+Shift Click the link to open this in a new tab or window). From there, you'll want to click on the profile picture in the top right of the page (not the one in the top right of the browser near the 3 dots). See the image below:

follow the steps to manage your Google account.

From here, you will need to click on Security found in the left side menu (or at the top on a smaller screen). From there, scroll down and find the link to Password Manager (Steps combined in image below)

follow the steps to open you password manager

After clicking Password Manager, you will see Password Checkup near the top of the screen. Click Go to Password Checkup (seen below).

follow the steps to go to password checkup

You're almost there! Because you're about to access the password check up area, there is a good chance you will be prompted to enter your credentials again (if you haven't recently done so). Click Check Passwords.

follow the steps to check passwords

What to Do After Your Checkup

Good or bad, your check up is complete. Now you are staring at your results. Perhaps your results look something like mine below (maybe better, maybe worse).

results from the Google password checkup

What are Compromised Passwords?

Data breaches occur more often than we would all like. Fortunately for us, Google (and others) keep track of these breaches and run your passwords off of the lists of exposed credentials. This makes compromised passwords your #1 priority.

Click to expand the Compromised Password(s) section. You will see all accounts that need your immediate attention. To make the process easier, Google provides some convenient functionality right from this screen (see below):

there are many functions available to you when managing compromised passwords

Be sure to change the passwords for all compromised accounts. The link provided should help get you to the site so that you can begin the process. Of course, you will want to select a strong password, and follow our steps to safely storing your passwords.

Most of Us Are Guilty of Reusing Passwords

I feel confident in the statement above. We tend to have an inflated sense of security provided by what we feel is a "strong password." This leads us to use this so-called strong password on multiple sites. The problem with this strategy of course is that these passwords usually not as strong as we think. As a result, cracking one account opens us up to losing multiple accounts.

Use the reused passwords section to head over to these sites. Give each of these sites unique passwords. "But how am I supposed to remember all of these passwords?" you ask. Have you checked out part 1 of our cybersecurity awareness series? This will give you a solid strategy for keeping your unique passwords saved.

What to do With Weak Passwords

In my opinion, this is a great time learn a little about how the "hackers" are gaining entry. We are not going to discuss phishing today (that's coming up). Those that desire to gain entry into your accounts use automated programs that use common words. If those attacks fail, they can begin to "brute force" their way in. With possibly thousands of attempts per second, these programs can make short work of cracking your account.

You can head over to https://useapassphrase.com to do 2 things:

  1. Generate strong (I mean really strong) easy to remember passphrases
  2. Test your existing passwords to see how long it would take a computer program to crack your password

You will see something like this...

use strong passphrases like the ones you can generate on useapassphrase.com

One of my frequently reused passwords had a time-to-crack of 11 hours. That gives me reason to be concerned.

Would you share some of your time-to-crack times?

Use the comments down below if you are courageous enough to share. Don't worry about judgement, by the time you've shared them, I am certain you have strengthened them against attack, right?!

What if Strong Passwords Are Not the Problem?

Believe it or not, cybercriminals have a better way to get into your account than cracking your passwords especially when they are strong like yours. They just get you to give them your passwords?

Want to know how they do that? Read part 3 of our series.

Meet the Author ...

  • profile picture of Neil Mastroianni

    Neil Mastroianni

    Hi! I'm Neil, and I've been in education since 2002. My journey with using educational technology really began in 2008. It was at this time, I began to see the potential that technology provided me and my students. Since then, I have moved into administration and I am fortunate enough now to be responsible for supporting staff in their edtech journeys.

Have Thoughts or Questions?

Leave Us a Comment

Long Branch Public Schools Seal/Logo

Long Branch Public Schools

"Together We Can" #JuntospodemosLB