2019-01-20

How to create a secure password – a banal string is not enough

Access to a computer, several e-mail boxes, full of private photos, disk in the cloud, profile on the social portal … our data is practically everywhere. How to protect them against unauthorized access? The first barrier that we can put up is the password. A suitable, strong password. Only with him is the problem – a strong password is usually associated with an incomprehensible, completely random sequence of characters that can not be remembered. Error! If we create them in the right way, the only people who will cause problems will be those against which we want to protect our data. For us it will be completely clear and simple for it.
So how to prepare them? How to create strong passwords? This you will learn from our guide.

Password length

Here the rule is simple – the password should contain no less than 8 characters. The more will be (though you should not exceed 127 characters), the better, of course. Each subsequent character is an increase in the number of combinations necessary to break it, thus increasing the level of safety.

Characters in the password

In most cases (except for the PIN number for the payment card) when determining the password, we can use the four most important character categories. These are:

  • uppercase,
  • small letters,
  • numbers,
  • special characters available on a standard keyboard.

And signs from each of these categories should be found in the password. Why? Again – it significantly increases the complexity of the password, and hence – its strength and security. To illustrate this we will present a few numbers (if you believe us and only you are interested in practical matters, you can go straight to the next point).

If we create a password consisting of numbers only, we will have only 10 characters (from 0 to 9). Thus, the number of combinations necessary to break it is relatively small, especially in the case of limited-length passwords, such as the payment card PINs already mentioned. In their case, the maximum number of combinations is 10,000. Will this password be strong? Absolutely not.

Passwords consisting of letters, but without distinguishing their size, are already safer, but still can not be called strong. To create it we can use 26 different characters, the possible combinations are in this case 2 * 1011.

READ  The vulnerability in Google Chrome allows to spy on PDF files. The patch will not appear quickly

Passwords, which still consist only of letters, but with a distinction of size, are already 52 characters available. The number of possible combinations – 5 * 1013. Will this be a strong password? Not yet. 

Passwords consisting of uppercase and lowercase letters and numbers, enabling the use of up to sixty two characters and increasing the number of possible combinations up to 2 * 1014, will be somewhat safer. In theory, most of these passwords will be considered strong, but we will soon prove that they do not always have to be that way.

Passwords created from uppercase and lowercase letters, numbers and special characters (33 symbols available on most standard keyboards) will be much stronger. 95 different characters, which we have available as many as 7 * 1015 possible combinations, so we can achieve a really high level of security.

So it’s not difficult to guess which of the above options to use. Yes, if we want to create a strong password, it should consist of characters in all available categories.

Creating a password

The mere use of all available characters does not guarantee, however, that the password created from them will be safe. If the combination “
HT$%^CFRR” will be a really strong password, it is eg. Hurricane1! not necessarily. You guess why?

In the second example (the real one, although the password sounded a bit different), there is an absolute unacceptable thing – it used the whole word that exists in reality (worse, it was in some way, though we will not reveal the details associated with the login). Of course, you can do it, but only if you want to make life easier for cybercriminals. Or in another case, about which we will write a bit further.

The basic principle of creating a strong password, however, is to make it incomprehensible to other combinations of characters, impossible to guess for others based on their knowledge about us (meaning we do not give the name of a favorite cat or spouse’s birthday) and not be broken by systems computer substituting all possible words and their combinations in place of the password.

So, the only way to create a strong password is to introduce an absolutely random, impossible to remember by most people string of characters? Not at all. The example of a strong password given above – we remind it, it sounds “HT$%^CFRR” – it is completely logical and possible to use at any time, without saving it on a piece of paper or – we warn against – in a txt file on disk computer. It is only important that such a slogan, though it looks chaotic, can not be random, but methodically prepared. 

READ  mIRC with a serious bug. For those who still use it, it is recommended to quickly update

Instead of a password … a passphrase.

However, if we are afraid that we can forget such a specific string of characters, then it is worth using the passphrase instead of the classic password. What is this? A set of a few randomly selected words. Some entry systems will say that it is not strong, but they still provide a very high level of security. However, there is a condition. The words used in the passphrase must be absolutely random. We chose them by opening one of our favorite books on random pages and selecting the first word we saw every time.

In this case, however, we must find a way to remember the password. We can of course remember them, but this method is as effective as treacherous. So we can use, for example, a special code meaning the location of individual words in the book. that is, for example, type 77 12 5 163 27 8 291 32 11 54 2 10.

Password generators

Instead of creating a password for yourself, we can also provide it with special software called a password generator. It will prepare us completely (as far as possible) a random string of characters, which will be no less strong, but no less complicated than the password prepared according to the method described in the first paragraph.

An example of a password generator can be found on LASTPASS

Summary

Since we already know how to create strong passwords that ensure a high level of data security of the password, it is worth mentioning one more thing. If you use multiple e-mail accounts, disks in the cloud or any other programs and services that require authentication, remember to have a different password prepared for each one. Otherwise, you can – although of course we do not wish anyone – at the same time lose all data, emails, files or photos and video, stored in even a dozen or so services. However, when you use a separate password for each service, the level of security of your data will be much higher.

Facebook Comments
Share

You may also like...