Every time you cleverly come up with a seemingly complicated combination of letters, symbols and numbers for a password, you are not only up against creepy individual hackers, you are up against a myriad of easily obtainable super-computers! Your password has to be strong enough to hold up against computer programs that can use vast numbers of dictionaries from multiple languages, Wikipedia and everything in the World Fact Book to crack encrypted passwords in a matter of MINUTES. Passwords like yours are probably too short, too personal or just too simple or predictable.
This article will help you to see that you need to change your password as soon as possible and it will also give you hints on how to create ‘bulletproof’ passwords and protect yourself against the highly technologically advanced, increasingly adaptable hacker world.
Cracking weak passwords is easy! Steve Ragan, Tech Herald journalist, proved this when he used free downloadable software and a $300 off-the-shelf computer to crack over 80,000 encrypted passwords in only 5 hours.
It is very important to remember that once ONE of your passwords has been compromised (just like those of 24+ million Zappos.com shoppers earlier this month), it isn’t just bad news for that one account on the Zappos website. The hackers can have a ‘hacking party’ with access to your Facebook, Twitter, or email accounts IF you have used the same login for these other services as well. Information can be extracted from one of your accounts and used against you to access another.
Many have advocated for the use of Leetspeak (1337/133t), but the truth is that Leetspeak passwords suck too! Leetspeak will not keep your password safe. Chester Wisniewski, a senior Security Advisor at Sophos, commented, “Numbers substituted for letters is really, really bad. Most password applications will try that before they do plain English.” It is also important never to use your birth date or birth year. This is an easy way for the hacker to breach other parts of your accounts. “If there are four digits at the end, it’s not a remarkable coincidence that most start with 19..” added Wisniewski. Creating patterns on a keyboard is also not very secure. Your partner’s name with a few digits added on here and there does not cut it. “You think you’re being clever, but you have to remember: The criminal’s a part of us.”
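A signup-time check for the patterns described above, as an added example that is not part of the original article: it undoes leetspeak substitutions and strips appended digits before the dictionary lookup, which is why those tricks add so little. The wordlist, function names and pattern labels are assumptions made for illustration.

```python
import re

# Constructed sample data (assumption): a real check would load a large
# wordlist of dictionary words, names and previously breached passwords.
WORDLIST = {"password", "apple", "letmein", "dragon", "jessica"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]

# Common leetspeak substitutions mapped back to letters. One letter per
# symbol is a simplification; "1" can also stand for "l".
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def has_keyboard_walk(pw, run=4):
    """True if pw contains `run` adjacent keys from one keyboard row."""
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):  # left-to-right and right-to-left
            if any(seq[i:i + run] in pw for i in range(len(seq) - run + 1)):
                return True
    return False


def predictable_patterns(password):
    """Return the sorted names of the guessable patterns found."""
    pw = password.lower()
    found = set()
    # Four trailing digits that look like a year (19xx per the article;
    # 20xx is added here as an assumption).
    if re.search(r"(19|20)\d\d$", pw):
        found.add("trailing-year")
    if has_keyboard_walk(pw):
        found.add("keyboard-walk")
    base = re.sub(r"[\d\W_]+$", "", pw)  # drop digits/symbols tacked on the end
    for candidate, suffixed in ((pw, False), (base, base != pw)):
        plain = candidate.translate(LEET)  # undo the letter substitutions
        if plain not in WORDLIST:
            continue
        if plain != candidate:
            found.add("leetspeak")
        if suffixed:
            found.add("word-plus-suffix")
        elif plain == candidate:
            found.add("dictionary-word")
    return sorted(found)


if __name__ == "__main__":
    for sample in ["P@ssw0rd1985", "appl3", "jessica12", "qwerty123"]:
        print(f"{sample!r}: {predictable_patterns(sample)}")
```

An empty result only means none of these particular patterns matched; it is not a measure of strength.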
1. Size matters
Making a password longer is always better. Experts suggest that the ideal length for a strong password is 12-14 characters. “The password, Apple, is bad. But focusing on length, Appppppppppple with 11 ‘P’s,’ is actually really good. So size does matter,” says Wisniewski. “Adding one more character makes it exponentially more difficult to break, even if you don’t use silly characters.”
2. Use pass phrases
Steve Ragan encourages the use of pass phrases: “It’s something that’s personal—that’s easy to remember. The longer and more random, the less chance of a dictionary crack being successful.” “IamtheCaptainofthePina4” is a commonly used example of the kind of excellent pass phrase that would be difficult to crack.
3. Complication is the key
Wisniewski shares a personal trick: he uses a line from a favorite song. He pulls the first letter of each word of a line in the song and sticks them together to create a password that is easy for him to recall but very difficult for hackers to crack. The trick gives him randomness that would not show up in a dictionary search, and it also gives him length, which stands up against the most intrusive breach attempts.
4. Use symbols and numbers randomly
Do not use numbers and symbols systematically. For example, you should not use symbols to create expected gaps in a pass phrase. A password like “I-love-peanut-butter-cups-4” is not as strong as “Ilovepea4nutbuttercups”. When many words are joined together seamlessly, the password becomes incredibly hard for computers to crack. A string of random characters will provide you with even more security.
5. Use more of your keyboard
“Most people don’t know you can use parentheses in your password,” he says. Letters, numbers, special characters, and upper case—if you’re allowed to, you should use them all. Stephen Bono, a principal security analyst at Security Evaluators, suggests trying out every tool that you can from the vast number of symbols, letters and numbers on your keyboard.
6. Use a Password Manager service
The problem, of course, comes with remembering that many characters. (DO NOT store your passwords in a spreadsheet or in email! Access to one account means access to the rest of your life.) The taxing job of having to remember all of these passwords is a common dilemma.
Get yourself a password manager service. It will save you from having to remember your new super-secure, 14 character, symbol-filled, dictionary-search-proof passwords.