"Why does Qulture complicate my password definition so much? 🤔"
One of Qulture.Rocks' biggest concerns is the security of customer data. Therefore, we are always trying to improve the platform to decrease the chance of someone gaining improper access to some data.
One of the tools to achieve this goal is password complexity validation. It's not so simple to have to keep creating a password, but it is a very important step, not only in our platform, but in any system you use.
How does complexity checking work?
For you to be able to save a password, it must
-
contain 8 or more characters;
-
at least 1 capital letter;
-
at least 1 number;
-
at least 1 special character;
-
pass the special complexity checker.
What is the special verifier?
Qulture.Rocks uses a technology created by Dropbox that compares a password you are creating with a password database called zxcvbn. If your password is classified as easy to crack by an attacker, it cannot be used.
If you try to set a very common password, for example by dragging your finger on the keyboard: Qwerty1!, you will see the tool in action helping you to avoid having your account stolen by alerting you with the message that this password is similar to a commonly used password.
⚠️ Some points that are also checked:
-
Add a word or two. Unusual words are best.
-
Use a few words, avoid common phrases.
-
Dates are often easy to guess.
-
Names and surnames are easy to guess.
-
Predictable substitutions like '@' instead of 'a' don't help much.
✏️ Borrowing the tips from Dropbox, we have the following suggestions:
-
Use non-standard uppercase and lowercase letters (for example, "cAPItals").
-
Use spelling outside the normal range (for example, "orthography").
-
Use personal slang.
-
Numbers and symbols that are not obvious (note: using "$" for "s" or "0" for "o" is relatively common and probably not sufficient as a security measure).
If you need some inspiration for generating a password, the correcthorsebatterystaple website may help you. You set the parameters and it generates a password that is easy to remember.
Some good tips for passwords
-
Never reuse passwords on systems you have an account on;
-
Follow your company's password policy;
-
Consider using password management software;
-
Where available, use a second factor authentication (2FA or MFA) tool;
-
Change your password frequently.
That's it. Thanks for your understanding in supporting Qulture.Rocks in supporting customers to have a super high bar in information security! 💜
Questions or suggestions? #ChatWithUs 😊