Passwords, the large, sacred component of cyber-security. With constructing strong, complex, and unique passwords being something I have to deal with every day due to it being hammered into the heads of anyone wanting to enter the cyber-security field, the question of their worth always arises.
Everyone states how your password must be secure and strong to withstand attacks, yet hackers will only use brute-force and dictionary attacks (password cracking methods) as a last resort and not only that the effectiveness of using strong passwords, setting password expiration dates, etc. has little supporting evidence. With a recent research paper coming from Microsoft (https://www.microsoft.com/en-us/research/publication/an-administrators-guide-to-internet-password-research/) that questions just how useful are passwords? Generally speaking, it is always recommended to have a strong password, my goal is not to devalue the effectiveness of passwords, but rather elucidate other ways that are just as if not more important in securing yourself.
If some tech. savvy person(s) were truly bent on obtaining your password it becomes only a matter of time before he/she does. Having a strong password is good in stopping people/computers from simply guessing it, but if you make the foolish mistake of opening a suspicious link, allowing unauthorized personnel to your system, not updating your software, or heck, even if you are on the computer at a bad time (worm, network bugs) your security can become compromised. “The question is not IF you are going to be hacked, but WHEN.” – MixVOIP.