Human Psychology Makes Guessing Passwords Easy
Human psychology makes guessing passwords easy. If you knew how easy it was to guess a password, you wouldn't go online. It is time to learn about the English language used on a topic that is important to our online work as more and more of us work from home and spend money online.
In today's English lesson we learn how to make a strong password and the English language associated with going online. We discuss what experts think about strong unguessable passwords and offer some practical advice for you. We also learn about harmful patterns in language that jeopardize your security and find out what the most common passwords are and how to improve them.
We can easily fall victim to typical human psychology and are often our own worst enemies when trying to be secure online. So it’s time to learn about a topic that’s important for going online safely. Learn about the English language we use when talking about ways you are being tricked into giving your passwords away.
We spend some time talking about the language used to describe the ways you are being tricked into giving away your passwords every day based on actual human psychology. Humans like to think that we can protect ourselves from the dangers of the world. However, we are creatures of habit and vulnerable to our predictable behaviour.
Most Unusual Words:
- Psychology: This is the study of the mind and how it works. It looks at how people think, feel and behave.
- Guessing: This is trying to give an answer without knowing all the facts or information. It's like making a choice when you're not sure.
- Password: This is a secret word or code you use to get into your computer or online account. Only you should know your password.
- Hack: This means to break into a computer or online account without permission. It's when someone finds out your password and uses it without you saying it's okay.
- Illegally: This means against the law. If something is done illegally, it is not allowed by the rules of society.
- Alphanumeric: This describes something made up of both letters and numbers. An alphanumeric password could have letters and numbers in it.
- Random: This means without a pattern or plan. When something is random, you can't predict what will happen next.
- Processing: This is about doing steps in order to finish a task. A computer processes information when it works on data or instructions.
- Compromised: This means made less secure or safe. If a password is compromised, someone else knows it and can use it.
Most common 2 word phrases:
| Phrase | Count |
|---|---|
| May Be | 4 |
| Think About | 3 |
| English Vocabulary | 2 |
| Our Podcasts | 2 |
| Talk About | 2 |
| Your Email | 2 |
| Your Account | 2 |
| Alphanumeric Characters | 1 |
Listen To The Audio Lesson Now
The mp3 audio and pdf transcript for this lesson is now part of the Adept English back catalogue . You can still download and listen to this lesson as part of one of our podcast bundles.Transcript: Learning The English Language Of Online Security
Hi there. Today let's talk about a topic that affects all of us. How much thought do you give to your passwords? How much thought do you give to online security? Do you worry about password security or is it not something you particularly think about?
There's a bit of psychology behind our choice of password, and sometimes that's the problem. So today you may be listening to this podcast as someone who thinks a lot about password security, in which case the benefit is the English vocabulary. You will learn how to talk about and understand this issue in English. If you don't think about password security particularly, then this podcast will help you think about it as well as teaching you some really good English vocabulary.
Hello, I’m Hilary, and you’re listening to Adept English. We will help you to speak English fluently. All you have to do is listen. So start listening now and find out how it works.
Move your English language learning forward with a podcast bundle
And just a reminder that if you like listening to our podcasts, but you would like to hear more podcasts, you can go to our website at adeptenglish.com and buy our podcasts in bundles of 50. Yes, that's 'fifty', 50 podcasts. Put them on your phone or tablet, and you've got great English language listening, wherever you are, wherever you go, it'll always be with you.
Boost Your Learning With Adept English
Passwords and User IDs
OK, so what about vocabulary here? What is a 'password' that's P A S S W O R D. I thought this might be one of those words that is the same in many languages, but a quick look on Google Translate and I found, no, it's not. So 'a password' in English is that secret word or group of letters that you create when you set up an online account.
It may be the account you use to do your supermarket shopping online or buy a pair of shoes. It may be your bank account, it may be your email account. All of them require that you use a password, which only you know to keep your account secure.
📷
A photograph of a password written down on a paper pad. Today we spend some time learning the English languaged used when talking about online security.
The other piece of information which often goes with an online account is your 'user ID'. So ID is short for 'identification'. Often your user ID will be the same as your email address. And an 'account'? That just means the record on that particular website of who you are, your set of details. That's your 'account'. A C C O U N T.
So in the course of our working lives and in the course of doing our 'life admin', that's our personal stuff, it's likely that we are logging on to different sites using a user ID and a password 20 or 30 times a day. It's estimated that the average user has around 100 logins or accounts with user ID and password, to keep on top off. That's a lot, but it's probably true, certainly in my case.
So passwords are there to keep our information secure or supposedly so. I say 'supposedly' because there are various problems around the security of passwords.
Threats to your online security
If you 'hack' an account, the verb 'to hack', H A C K, that means you work out what the password is illegally. Without having authorized access, you get into the account. That's 'to hack' someone's account. So there's always a risk of your account being 'hacked' or your details being stolen.
What is 'a strong password'
The usual advice is to have a 'strong password'. And by that we mean that it is a combination of alphanumeric and non-alphanumeric characters. So an alphanumeric character, that means a character that is one of the letters of the alphabet and if it's numeric, it's a number. So an example of an 'alphanumeric' password might be 'Hilary123'.
However, that's not a very good password because it's very guessable. It's not difficult to work that one out. So we're usually asked to add in some non-alphanumeric characters. So these are things like an exclamation mark (!), a full stop (.), a slash (/), a percentage (%), an asterisk (*), perhaps.
So if you have a password that's made up of a combination of alphanumeric and non-alphanumeric characters, that's harder to crack. It's harder to crack that password. It's harder to work out what it is. And many websites insist that we make our passwords in this way, which is probably a good thing.
Random is best for passwords
We're also told, the more random our password, the more secure it is. Random R A N D O M. That means 'not associated with anything'. It's not linked to anything in our personal lives. So passwords that aren't obvious are more secure. But.....100 passwords. That's a lot to remember! So it's typical human behavior to use for our password something like our dog's name, or the name of our child or our favorite football team perhaps, or the type of car you drive. Trouble is easier to remember, but easier also to guess by someone else who wants to get into your account.
Longer rather than shorter is best for passwords
Another protection. The longer your password, the more characters in it, the harder it is to crack. If you think about it, this makes a lot of sense. The more letters there are, the more combinations, the more possibilities there are for that password.
The software that tries to work a password out, the algorithm if you like that tries to crack a password, will have a much harder time with a password that's 11 characters long than it will with a password that's only 6 characters long.
When I was doing research for this podcast, I came across someone called Jeremi Gosney. He's a password expert and there's a link in the transcript to an article where he's interviewed.
He talks about how cracking a machine generated, so that's a computer generated password, needs 'brute force'. It basically needs processing power, software that cycles through all the possibilities, every possible combination of characters. It takes a lot of computer power and special software, a special algorithm to do this.
Listening Lessons
Humans make passwords in predictable patterns
But passwords chosen by humans are the weakest ones. Apart from choosing our favourite football team or our dog's name, there are other things that we tend to do. He says:-
"With password complexity policies that require an uppercase character and a number...", so that means where the website that you're setting your password up, insists on you using a letter and a number and a non-alphanumeric character, he says "99% of people on this planet are going to put the uppercase character in the first position and the number in the last position". And possibly the non-alphanumeric character after that number. Just think about your passwords. Have you ever done that? Is your password in that format?
Shoulder surfing and phishing are more common
The other point that Jeremi Gosney makes, he says that most passwords are stolen either by 'shoulder surfing', so that basically means someone looking over your shoulder, watching you put your password in. Or what's called 'phishing'. That's P H I S H I N G. And 'phishing' is where you're tricked into giving your password by either software or a person who is trying to trick you, posing as the legitimate website or someone from the organization behind the website. So to 'phish', P H I S H is also a verb.
Reusing the same password? A no no!
And the point here is not using the same password for many accounts. If you have a unique password for every single account online, only that one is compromised, if you are the victim of phishing.
If you repeat your use of a password, which you have remembered, which you remember well, and you use it for multiple different websites, lots of different accounts, then obviously once that's compromised, you've got a much bigger problem.
We're not superhuman!
But remember, we've all got about a hundred different logins and passwords. We have to have alphanumeric and non-alphanumeric characters in them. They have to be at least 11 characters long. They have to be unique for every account, and we have to remember them all.
Well, we're not superhuman, are we? I'm not, anyway. So how do we manage this situation and yet keep our accounts secure?
Fixes for the problem of password management?
Well, it's suggested that there are a number of methods. First of all automatic password generation software. This makes the random factor and the length of the password and the mix of the characters atypical, not usual, so it's much harder to guess. Impossible to guess, in fact.
And also you can use software, which is called 'a password safe'. So in a sense, it's rather like a physical safe, a big metal box with a knob on the front. 'Safe', S A F E as a noun generally means a place that you keep your money and your valuable documents in your house. But a password safe is a digital, a virtual, an online safe, and it's a store for all your passwords and your user IDs. It means that you can have great long passwords that are very secure, and you don't have to remember them.
Download The Podcast Audio & Transcript
However, my thinking here, my concern, you'd have to have a very good password to protect all of those passwords, and you'd have to have a lot of confidence in your password safe company, wouldn't you?
An old-fashioned approach?
There is something to be said for having a physical place where you actually write your passwords down, or at least not specifically the password, but a code that will prompt you to remember what the password is. Only if someone breaks into your house and steals this information, are you going to have your account hacked very easily. And most cyber crimes don't happen in this way. So there is something to be said for the old fashioned approach to this problem, I think.
Anyway, I hope this has made you think more about your password security. If you're already familiar with all these problems that I've talked about in this podcast, then at least now you have the English words for it all. And if you don't think about password security, perhaps I've given you something to think about.
Goodbye
Listen to this podcast a number of times until you remember all of it. Until you remember all the words and until you remember any new vocabulary.
Enough for now. Have a lovely day. Speak you again soon. Goodbye.
Thank you so much for listening. Please help me tell others about this podcast by reviewing or rating it. And, please share it on social media. You can find more listening lessons and a free English course at adeptenglish.com
