Wednesday, November 5, 2014

Creating a Secure Password

Yesterday, we discussed methods to keep track of all your passwords.  However, there is no point in trying to store your passwords securely if they can be easily cracked by software.  It would be wonderful if we could create a simple, four-letter password to get into all of our accounts.  Unfortunately, this is definitely not secure.

Password-cracking software is designed to break passwords by trying all possible options.  If your password is only six lower-case letters, it can be cracked in less than a second.  Even adding capital letters, a number, and a symbol only takes the total for a six-character password to 52 seconds.  An eight-character password (with all of the above items) would take only 3 days to crack.  It is critical that you use a long password.  So that you don't have to constantly make your passwords longer, I recommend using at least 12 characters.

But this leads us to how you can remember your password.  Obviously, you can use a password manager or a notebook to store them, as long as you keep them secure.  But there are some easier ways to remember your password.

One possible way is to think of a sentence.  For example, I might choose:  "The Chicago Bears won the Super Bowl in 1985, the same year I was born!"  Then, I can take the first letter of each word to make my password:  "TCBwtSBi1985,tsyIwb!"  That's a 20 character password!  Even if I need to write down the password, I can write down the sentence as a reminder without needing to actually give up my password.

You can also use a similar method.  Instead of the sentence, I could just use a few words of it:  "Chicago Bears Super Bowl 1985!" and take the first three letters of each word to create:  "ChiBeaSupBow1985!"  That's 17 characters!

A less secure method would be to use symbols to replace letters in a sentence.  For example, "I love to watch soccer!" could become "Il0vet0w@tch$occ3r!"  You could also misspell words, creating something like, "Iluvt0w@atch$ock3r!".  These passwords are not as secure as the ones earlier, but they will still be difficult to crack.

One final method is to use the same root word or words for a password, and then add modifiers to it.  For example, I might choose to use my name and the names of my parents:  "JimYvonneSteve".  Then, I can make unique changes to it for each website:  "J!mYv0nneSt3ve", "!jImyV0nnesTeve", or even "Jim!22Yvonne!22Steve!".  This method also helps you if you need to write down your passwords:  you can write down clues to help you remember the modifications, but only you know the root password.

As a final note, password crackers are optimized to guess what most of us do when forced to create complex passwords.  They usually check the top passwords first, then move on to words, and then to variations of those words:  an uppercase first letter, a 1 or 2 placed after the word, and a symbol at the end or used to replace a letter.  Enough of the passwords collected from password dumps follow these patterns to make that order worthwhile.
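The same rules can be run in reverse to test a password before you rely on it.  The Python sketch below is an added example, not part of the original post; the word lists, the swap table, and the function names are small constructed samples chosen for illustration.

```python
import re

# Constructed sample lists: a real check would load a breached-password list
# and a full dictionary instead of these few entries.
TOP_PASSWORDS = {"password", "123456", "qwerty", "letmein"}
WORDS = {"i", "love", "to", "watch", "soccer", "summer", "chicago", "bears"}

# A few common symbol-for-letter swaps (assumed set), mapped back to letters.
UNSWAP = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                        "7": "t", "@": "a", "$": "s", "!": "i"})


def splits_into_words(text, words=WORDS):
    """True if text can be cut end to end into dictionary words."""
    reachable = [True] + [False] * len(text)
    for end in range(1, len(text) + 1):
        reachable[end] = any(reachable[start] and text[start:end] in words
                             for start in range(end))
    return bool(text) and reachable[-1]


def predictable_reason(password):
    """Return why a password fits the guessing order above, or None."""
    # Undo "a 1 or 2 placed after the word, and a symbol at the end".
    stripped = re.sub(r"[\d\W_]+$", "", password)
    for form in (stripped, password):
        suffix = "" if form == password else " + trailing digits/symbols"
        plain = form.lower()                 # undo the uppercase first letter
        unswapped = plain.translate(UNSWAP)  # undo symbol-for-letter swaps
        if plain in TOP_PASSWORDS:
            return "top password" + suffix
        if unswapped in TOP_PASSWORDS:
            return "top password with symbol swaps" + suffix
        if splits_into_words(plain):
            return "dictionary words" + suffix
        if splits_into_words(unswapped):
            return "dictionary words with symbol swaps" + suffix
    return None


if __name__ == "__main__":
    for pw in ("Il0vet0w@tch$occ3r!", "Summer1!", "P@ssw0rd1",
               "TCBwtSBi1985,tsyIwb!", "ChiBeaSupBow1985!"):
        print(f"{pw!r}: {predictable_reason(pw) or 'no pattern matched'}")
```

With these sample lists, the two first-letter passwords from earlier in the post match no pattern, while the symbol-swapped sentence is flagged.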
