That’s right. I said it. I don’t use passwords. You shouldn’t either.
“But wait, Jon! You have to use passwords. You have to set a password for every account you create!”
That’s partially true… so lets take a look at some passwords using https://howsecureismypassword.net.*
“Everyone knows you don’t use “password” for a password, so that’s a bad example.”
Okay, okay… I really like corvettes so lets try corvette
Also cracked instantly on your typical personal computer.
Do you get really annoyed when websites ask you to include at least one number?
Let’s try password1:
Well that didn’t help any.. I added a number and my password is no better off than it was before.
What about a capital letter?
No good.. and that just fulfilled all the requirements of a “complex password” Capital letter, number, and over 8 characters.
Lets add another number just for fun:
Woohoo! It takes 10 days to crack password21. That got to 10 characters. Now I only have to change my password more frequently than once every 10 days!
What if we add the capital letter here too?
1 capital letter and it goes from 10 days to 6 years for a single personal computer to crack your password. Now if they have more power than a single computer or go about things in a strategic way it will only take a fraction of that time.
Let’s add a symbol.
That’s more like it! I’ll change my password at some point in the next 4 thousand years! But it’s kind of hard to remember.. what were the numbers? Where did the asterisk go, again?
But the point of this post was that passwords are bad.. even complex passwords like that last one.
Now, let’s use a pass-phrase instead of a password.
Length is the best thing for your password:
Easy to remember. 72 quadrillion years.
Passwords are bad. Take your first steps to being more secure online and use pass-phrases.
Of course other things play into strong passwords. Don’t let people see you type it in. Don’t use phrases that someone who knows anything about you would be able to guess. Use a different password for every site. And I could go on and on.. This definitely isn’t THE thing to do to make your passwords uncrackable, but it’s a start.