Thursday, October 1, 2015

How to Create Strong Passwords

Currently, hackers can process thousands of randomly generated passwords in a matter of minutes. In a recent study, a security research group was able to crack over 14,000 password hashes in only 16 minutes! So how easily can your password be cracked? Well, it depends on how strong your password is. This post offers some guidelines for creating strong passwords, remembering them, and storing them securely.

First off, there is no such thing as an impenetrable password. Any password can be cracked. So look at it this way: the longer and stronger your password is, the longer and harder it will be to crack. Think about it. If you are a hacker and you have 900 password hashes, and the first 850 of them are using things like "password123" or "billybob1951", why waste your time cracking a strong password that could take weeks to crack when you can spend five minutes cracking these easy ones? Hackers are knocking on the door; all they need is someone (anyone) to open it.

So let's start with the general password rules:
  1. Should be a minimum of 10 characters long (but again, the longer you make it the better).
  2. Should contain at least 1 special character (#, !, &, *, etc.).
  3. Should contain a mix of numbers and uppercase and lowercase letters.
  4. Avoid repeating characters (mypassword7777).
  5. Avoid dictionary words, names, etc. (ilovepizza2001 = awful password).
  6. Avoid using words that describe you (pets' names, SSN, birth date, etc.).
  7. Avoid using the same password(s) for different websites and applications (if one website password is compromised, all your websites are compromised).

But if I create strong passwords, how will I remember them? First, create your passwords based on sentences or phrases that you will remember:

"I live at 233 Park Street" = "!L!v3@233P@rkStr33t"

Or you can use a password generator such as to create you a strong password based on the criteria you select:
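
As an added example (not code from the original post or from any particular generator), here is a small Python sketch of how a criteria-based generator can work: it draws characters from the operating system's secure random source and keeps only a candidate that satisfies rules 1-4 from the list above. The function names and the reading of rule 4 as "no character three or more times in a row" are assumptions made for this example.

```python
import secrets
import string

MIN_LENGTH = 10   # rule 1
MAX_RUN = 2       # assumption: rule 4 read as "no character 3+ times in a row"

def rule_violations(pw):
    """Return which of rules 1-4 from the list above the password breaks."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    if not any(c in string.punctuation for c in pw):
        problems.append("no special character")
    if not any(c.isdigit() for c in pw):
        problems.append("no number")
    if not any(c.isupper() for c in pw):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in pw):
        problems.append("no lowercase letter")
    run = 1
    for prev, cur in zip(pw, pw[1:]):
        run = run + 1 if cur == prev else 1
        if run > MAX_RUN:
            problems.append("repeated characters")
            break
    return problems

def generate_password(length=16):
    """Draw characters from the OS CSPRNG until rules 1-4 are all met."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least %d" % MIN_LENGTH)
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        # secrets (not random) is the standard-library module meant for secrets
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not rule_violations(candidate):
            return candidate

if __name__ == "__main__":
    # Sample inputs are the passwords quoted in this post.
    for sample in ("password123", "mypassword7777", "!L!v3@233P@rkStr33t"):
        print(sample, "->", rule_violations(sample) or "passes rules 1-4")
    print("generated:", generate_password(20))
```

Rules 5-7 (dictionary words, personal details, reuse across sites) cannot be checked from the characters alone, so a password that passes this check still has to be judged against them.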

Now if you follow these guidelines and are creating all these strong passwords, chances are you are not going to remember them and you are going to have a hard time managing them. So what do you do? Use a password vault such as LastPass or KeePass. With a password vault, you only have to remember one password (which lets you into your vault). Then you can store all your usernames and passwords in one place. 

Password vaults are generally free and are a good method for storing your passwords securely. You simply copy and paste your passwords into websites, applications, etc. Some password vaults can even populate your username and password automatically into the website or application with the click of a button. 

Bottom line, creating strong passwords is very important. It is incredibly easy to guess and crack passwords. This guide will help you create strong passwords and there are options for remembering and storing these passwords. Find what works for you and you will be better off than most people, in a world dominated by technology.