In today's connected world, cybersecurity is everyone's responsibility. One of the simplest yet most powerful steps you can take to protect your digital assets is to change your default password.  

Why Are Passwords So Important?

Passwords are your first line of defense against unauthorized access to systems, devices, and networks. Think of them as digital locks. without them, anyone could access your network. With cyber threats growing more sophisticated, it is important to understand why you need to set a strong password and how.  

How Easy Is It to Hack a Password? 

Given infinite time and computing power, any password can be cracked. But in reality, attackers rely on speed and simplicity. Short, common passwords like “123456”, “password”, or “qwerty” are cracked in seconds, and shockingly, they're still widely used. A key takeaway is that complexity and length matter. 

Password Length and Entropy 

One of the most effective ways to strengthen a password is by increasing its length and randomness. The length can be defined as password entropy. The more unpredictable and lengthy a password is, the harder it is to guess or brute-force. 

Taking a basic password such as 123456, it has an entropy of 16. A recommended minimum is around 60. 

Example:

• Using a phrase from your favorite book can help remember it and also provide high entropy; call me ishmael. With spaces, this receives a score of 70 (with spaces).
• Adding numbers, symbols, and a mix of uppercase and lowercase letters boosts this score even further; C@l! M3 1shMa€L. The password now has an entropy of 105. In context, using brute force, this would take trillions of years to crack. Roughly 30 times the age of the universe.   

Multifactor Authentication (MFA) 

Even with high-entropy passwords, they can be compromised. Maybe they are reused, or someone has shared it by accident. An additional layer of securing is using MFA. It adds an extra layer by requiring a second form of verification, such as: 

• A one-time code via email or SMS 
• An app-generated soft token 
• A physical security key (hard token) 

MFA significantly reduces the risk of unauthorized access, even if your password is stolen. The risk is with how the code is received. SMS and Email can also be compromised, which is why app-generated soft tokens of a physical key (hard token) often are recommended.  

The Power of Password Managers

Managing dozens of complex passwords can be overwhelming. That’s where password managers come in: 

• They store all your unique passwords securely in one place. 
• They autofill credentials for specific sites and devices. 
• They limit exposure by isolating compromised passwords to a single account. 
• They allow administrators to control access and reduce accidental leaks. 

Password managers make strong security practices practical and scalable. They also provide the ability to share passwords, without the receiver seeing the password.  

Adding Complexity the Smart Way

Changing default passwords is a must. But don’t stop there. Make them unique and complex. It is recommended to have a password length of 14 characters by Westermo. However, you can use a mix of: 

• Lowercase letters 
• UPPERCASE LETTERS 
• Symbols (e.g., Ç«®%&#"!)
• Numbers 

For example, instead of using “westermo” as a default password, could be (We do not recommend using this password); W3s!ErM0 

Now with password managers they often output a string that is not readable. This is where these passwords are stored in the manager and autofill enables them to be used.  

There’s no perfect password, but complexity and uniqueness always help strengthen a long password.  

Final Thoughts 

Strong passwords are key to securing your system. The most important factor is length, followed by complexity with the addition of multifactor authentication. Password managers help you maintain and protect passwords.