How strong is your password?

People usually don’t give much importance to password strength. We must remember that a security architecture is only as strong as its weakest link. So it doesn’t matter if you have a strong cryptographic algorithm applied to your data if you use a weak password for your key that can be quickly broken by guessing, or by a brute-force or dictionary attack.

A strong password is a sequence of at least 8 characters, as random as possible, made up of letters (uppercase and lowercase), numbers and special characters. So we can tell that 3k!0H9w# is a strong password. The problem is, in a world where we have passwords for almost everything, how can we remember this kind of character sequence?

There are some techniques that might help you obtain a strong password and still make it easy to remember. A common one is to switch letters with visually similar numbers or symbols, something like “P0c4h0nt4$” (Pocahontas). To make it better, try not to use single words but short phrases like “!l1k3P0c4h0nt4$” (IlikePocahontas).

If you still think that this is hard, try at least repeating characters in a word, to avoid a basic dictionary attack. For example, “anacondda”.

People tend to use common words for passwords. You can find a lot of lists of them on the internet. Check them, and if your password is there, I recommend you change it immediately.
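One way to run that check together with the composition criteria given earlier, as an added example that is not from the original post: the word list is a constructed sample, and the look-alike mapping and function names are assumptions. It goes a step further than a plain lookup by also comparing the password with its substitutions and doubled characters undone.

```python
import re

# Constructed sample; in practice load a published common-password list
# from a local file, one entry per line.
SAMPLE_COMMON = {"password", "123456", "qwerty", "letmein", "pocahontas", "anaconda"}

# Assumed look-alike mapping, based on the substitutions the article shows.
LOOKALIKES = str.maketrans(
    {"0": "o", "1": "i", "!": "i", "3": "e", "4": "a", "@": "a", "5": "s", "$": "s", "7": "t"}
)


def collapse(text):
    """Reduce runs of a repeated character to one ("anacondda" -> "anaconda")."""
    return re.sub(r"(.)\1+", r"\1", text)


def variants(password):
    """Forms of the password to compare against the list."""
    lowered = password.lower()
    plain = lowered.translate(LOOKALIKES)
    return {lowered, plain, collapse(lowered), collapse(plain)}


def composition_gaps(password):
    """Names of the article's composition criteria the password does not meet."""
    checks = {
        "at least 8 characters": len(password) >= 8,
        "lowercase letter": any(c.islower() for c in password),
        "uppercase letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(not c.isalnum() for c in password),
    }
    return [name for name, ok in checks.items() if not ok]


def review(password, common=SAMPLE_COMMON):
    """Report list membership (after normalisation) and composition gaps."""
    index = {w.lower() for w in common} | {collapse(w.lower()) for w in common}
    return {"listed": bool(variants(password) & index), "gaps": composition_gaps(password)}


if __name__ == "__main__":
    for candidate in ("3k!0H9w#", "P0c4h0nt4$", "!l1k3P0c4h0nt4$", "anacondda"):
        print(candidate, review(candidate))
```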

A free and very good tool called KeePass can help you safely store all your passwords. The app database is encrypted, and you will only need to remember a master password (keep this one strong) to access all the other ones.

Be safe!



1 Comment »

 
  • Alex G. says:

    Hi,

    First off: Nice blog. I like it.

    Now to the topic.

    That the weakest chain in a security protected architecture is always the user in front of the keyboard is nothing new for me.

    Every day I’m surrounded by people who don’t use their password as intended and have easy phrases or names that aren’t even case-sensitive.

    At my work we use the system that you are forced to change your passwords every 30 days but many people just add a digit at the end of it or count any number in it easily upwards.
    That this is not the way the passwords should be used will be ignored and I could run around and scream all day about that.

    For my part I have approx. 28 passwords to use and every single password is unique and at least 16 letters strong.
    They include case-sensitive letters, special characters and digits.

    I change them round about every month.

    It’s natural for me to secure every sensible data.
    I don’t want to have any person around watching my data that aren’t intended to be seen by them and other parts are sensible and must be secured with passwords.

    I think many people see passwords more as an obstacle than as a protection.
    Tools like Keepass are useful for persons who can’t remember many passwords but I know a lot of people who don’t want to remember a single password because it is ‘hard’ to remember these things just to keep it safe.
    I can’t understand this opinion and try to show them that passwords can be easy to remember or to set up.

    I hope that in the future more people will use intelligent passwords and stop writing that goddamn (sorry) password down on a piece of paper and put it on the refrigerator or under the keyboard.

    Greetings,

    Alex


 
