I remember the old days, when all you had to worry about was whether the milkman would arrive in time for breakfast. In those days, we listened to the radio for entertainment and lived a wonderfully simple life, where personal privacy was a guaranteed commodity.
However, now with the wide usage of the internet, it doesn’t seem to be that way anymore. Some banks now store credit card details in online databases. Other firms do the same with their employee details. More often than not, these are protected with horribly flimsy passwords.
In 2007, InTechnology.com found that the world’s most common password was… wait for it… ‘password’. Oh the irony! Those right behind are: ‘123456’, ‘qwerty’, and ‘monkey’.
That said, the password system itself does not have to be a security flaw. Did you know that there are a thousand possible permutations (that is to say, number arrangements) for a three-digit number? Now consider how many there’d be with four digits… and a single letter. (: This brings us onto the topic of ‘strong/weak’ passwords.
Guidelines for creating a Strong Password:
Why are some passwords strong and others not? According to Wikipedia, a strong password should:
- Not contain any affiliations with the user in question, nor any common words in the English language
- Contain a mixture of letters, numbers and symbols (CaSe SeNSiTiVE would be best.)
- Be around 12 to 14 characters long.
Examples? Here’s one straight from Wiki: Tp4tci2s4U2g! Seems to be a random string of text, right? Let’s see what it stands for: The password 4this computer is 2strong 4 U 2 guess! Pretty neat, eh?
So why is this stronger than just using ‘monkey’?
Most hackers crack passwords by using a brute-force method. Essentially, this is where they generate every possible combination of letters and then feed them in one by one, normally with a computer to speed things up a bit. Don’t get it? It’s okay, I suck at explaining things.
Let’s say I know somebody has a password created from two lower-case letters. Well, easy. I’ll just manually brute-force it.
‘aa’. No? Okay, let’s try ‘ab’. Hmm… ‘ac’? ‘ad’… no… ‘ae’… no… etc., etc.
Somebody’s going to get there eventually, and having macro-creating software at our fingertips doesn’t help matters either.
So to wrap up, the sole aim in creating such a password is to increase the total number of possible permutations by using numbers, letters and punctuation.
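To put numbers on the examples above, here is an added sketch (not part of the original post) that counts the candidates an exhaustive search has to cover for a given password, and flags passwords that a dictionary guess finds first. The 32-character symbol set (Python's `string.punctuation`) and the function names are assumptions of this example.

```python
import math
import string

# The four most common passwords named in the post.
COMMON = {"password", "123456", "qwerty", "monkey"}

# Character classes an exhaustive search would have to include.
# Assumption: symbols are the 32 characters of string.punctuation.
CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation,
)


def alphabet_size(password: str) -> int:
    """Size of the smallest class-based alphabet that covers the password."""
    if any(all(ch not in c for c in CLASSES) for ch in password):
        raise ValueError("character outside the classes modelled here")
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def keyspace(password: str) -> int:
    """Candidates to try for this alphabet and length: size ** length."""
    return alphabet_size(password) ** len(password)


def assess(password: str) -> dict:
    """Keyspace, its size in bits, and whether a dictionary guess beats brute force."""
    space = keyspace(password)
    return {
        "keyspace": space,
        "bits": round(math.log2(space), 1),
        # A listed password falls on the first few guesses, whatever its keyspace.
        "in_common_list": password.lower() in COMMON,
    }


if __name__ == "__main__":
    # Constructed sample inputs taken from the post's own examples.
    for pw in ("123", "ab", "monkey", "Tp4tci2s4U2g!"):
        print(pw, assess(pw))
```

The keyspace is an upper bound on the work: ‘monkey’ has about 309 million lowercase candidates, but because it sits on the common list it would be tried long before any exhaustive search started.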