Tags

, , , , ,

That’s right. I said it. I don’t use passwords. You shouldn’t either.

“But wait, Jon! You have to use passwords. You have to set a password for every account you create!

That’s partially true… so lets take a look at some passwords using https://howsecureismypassword.net.

password 

password

“Everyone knows you don’t use “password” for a password, so that’s a bad example.”

Okay, okay… I really like corvettes so lets try corvette

corvette

Also cracked instantly on your typical personal computer.

Do you get really annoyed when websites ask you to include at least one number?

Let’s try password1: 

password1

Well that didn’t help any.. I added a number and my password is no better off than it was before.

What about a capital letter?

Password1

cap-password1

 

No good.. and that just fulfilled all the requirements of a “complex password” Capital letter, number, and over 8 characters.

Lets add another number just for fun:

password21 

password21

Woohoo! It takes 10 days to crack password21. That got to 10 characters. Now I only have to change my password more frequently than once every 10 days!

What if we add the capital letter here too?

Password21

cap-password21

1 capital letter and it goes from 10 days to 6 years for a single personal computer to crack your password. Now if they have more power than a single computer or go about things in a strategic way it will only take a fraction of that time.

Let’s add a symbol.

Password*21

password*21

That’s more like it! I’ll change my password at some point in the next 4 thousand years! But it’s kind of hard to remember.. what were the numbers? Where did the asterisk go, again?

But the point of this post was that passwords are bad.. even complex passwords like that last one.

Now, let’s use a pass-phrase instead of a password.

passwordsarebad

passwordsarebad No capital letters. No numbers. No symbols. Just 15 letters. That more than tripled the time it would take to crack. Plus, it’s easy to remember!

Length is the best thing for your password:

thisismyfacebookpassword 

thisismyfacebookpassword

Easy to remember. 72 quadrillion years.

Passwords are bad. Take your first steps to being more secure online and use pass-phrases.

Of course other things play into strong passwords. Don’t let people see you type it in. Don’t use phrases that someone who knows anything about you would be able to guess. Use a different password for every site. And I could go on and on.. This definitely isn’t THE thing to do to make your passwords uncrackable, but it’s a start.

*Don’t type your password into random places that it shouldn’t be.

Advertisements