Strong Passwords

I have been trying to figure out why people insist on using weak passwords. Maybe it’s because they think they will forget a strong password. Perhaps they don’t believe they could ever be the target of a cyber attack or identity theft. Whatever the reason, those people are begging to be ‘victims’.

Weak Passwords

Weak passwords are easy to guess or crack.  If I know just a little information about the person whose account I am trying to access, there is a strong possibility I can guess their password.  Name, name backwards, kid’s or significant other’s name, birth dates, name of high school or school team name, college mascot … you get the idea.  Basically any real word, name, or significant number is easy to guess.

Even if I don’t know anything about you and you use a weak password, I can probably use a brute force attack to get your password.  It takes 3 lines of code to write a program to use a dictionary attack.  Dictionary lists are abundantly available online.

Strong Passwords

  • Passwords should be at least 11 characters long
  • Use a mix of upper and lower case letters, numbers, and ASCII symbols (like !@#$%^&* etc.)
  • No real words or significant numbers should appear in your password
  • Never give your password to anyone
  • Never write your password anywhere
  • Use different passwords for different services
  • Change your passwords at least once per month
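
The first three rules above (length, character mix, no real words or significant numbers) can be checked mechanically. The following Python function is an added example, not code from the original post; the name `check_password`, the small sample word list, and the `personal_terms` parameter are assumptions made for illustration.

```python
import string

MIN_LENGTH = 11  # minimum length from the rules above

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "dragon", "monkey", "football", "welcome"}


def check_password(password, personal_terms=(), words=SAMPLE_WORDS):
    """Return a list of rule violations; an empty list means all rules pass."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)

    # Each character class named in the rules must appear at least once.
    classes = {
        "lower case letter": string.ascii_lowercase,
        "upper case letter": string.ascii_uppercase,
        "number": string.digits,
        "ASCII symbol": string.punctuation,
    }
    for name, chars in classes.items():
        if not any(c in chars for c in password):
            problems.append("missing " + name)

    # Guessable material: dictionary words plus names and dates tied to the
    # user, forwards and backwards, matched case-insensitively.
    lowered = password.lower()
    guessable = {w.lower() for w in words} | {t.lower() for t in personal_terms}
    guessable |= {g[::-1] for g in guessable}
    for term in sorted(guessable):
        if len(term) >= 3 and term in lowered:
            problems.append("contains guessable term: " + term)
    return problems
```

Pass the user's own name, family names, and significant dates as `personal_terms` so that those values, and their reversed forms, are rejected wherever they appear in the password.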

How Am I Supposed to Remember a Strong Password?

Each month, pick a short phrase that makes sense to you.  Then obscure that phrase using an easy-to-remember algorithm (omit spaces):

  • Ex 1: Type your phrase out on your keyboard using the next higher row of keys while alternating the Shift key
    My dog is Fido becomes j^e(t*wR8E9
  • Ex 2: Use your telephone keypad to spell out your phrase while alternating case, numbers, and matching ASCII characters
    My dog is Fido becomes m9#O4$3i#^
  • Develop your own ‘algorithm’ and use it to create your own unique strong passwords every month
  • Never tell anyone you use an ‘algorithm’ to create passwords from phrases