Hand on the heart, I think most of us have a lousy password hygiene. And I want to think it’s because it’s too complicated to do it the right way. In this article, I’ll show you how to craft a good and strong password. Contrary to what many think, strong passwords are simple to make.
Background
CNN business list the most common passwords of 2019 and sadly many people still use passwords like 123456, password, qwerty and abc123. Using weak passwords like that has its consequences. According to Media genesis about 44 user credentials get stolen each second. 44 stolen credentials per second sum up rather quickly. To be exact, it means that 3,8 million user credentials get stolen every day!
The Guardian published an article about the largest known database of compromised user credentials being found. The file contained over 770 million user credentials and was 87GB in file size.
What most people don’t think of is that getting hacked can affect friends and family. Many types of hoaxes depend on using a persona or an account that people trust. And there are a lot of scams on sites like Facebook where a person you know (but who has got his or her account hijacked) asks you to send them some money. E.g. like this facebook scam.
Start by creating a long password…
Using math, the website INFOSEC shows how password length is more important than complexity to protect us from brute force attacks. Their conclusion is to come up with a long password and then add some complexity to it. You can test how long it will take to break the password in a brute force attack on the site Howsecureismypassword.
As a rule of thumb, four words will suffice (length wise) for making a password strong. Let’s put in the password ‘threeautomaticmonkeysplaycanasta’ at howsecureismypassword to see how long it will take a computer to crack that password. howsecureismypassword reports that it would take a computer ‘about 2 octillion years to crack your password’.
…and finish up by adding some complexity
2 Octillion years. I guess that is a strong enough password for most of us. But let’s experiment a bit and add some complexity to the password just to see what effect that will have on the time it will take to crack the password. I’ll add just a little complexity by changing it to ‘thr33aut0maticm0nkeysPLAYcanasta’.
Howsecureismypassword upgrades the time to crack the password to 2 duodecillion years. To be honest, I don’t have the faintest how long that is, but I guess it will do just fine for most of us. And I’m certain that it will be significantly better than qwerty or abc123.
Conclusion
Making strong passwords is easy. So what is it that makes most of us use weak passwords? Why do we use the same password more than once? And why do we use the same password at many places at the same time? I guess the answer has to do with our inability to keep many strong passwords in our head simultaneously.
But there is a cure to that – read more about best practice for keeping your strong passwords safe