John P. posts an interesting article, "How I’d Hack Your Weak Passwords", in which he describes the routes that a hacker would take to crack your passwords, including, for example:

  • Easily guessable passwords. Using "Cassie123" as your password? Bad idea!
  • Brute force attack. How long would it take an average computer to crack a five-letter, lowercase-only password?
  • Cracking a less secure site, then hoping you use the same password for more important sites
  • Cracking your email password, then looking for password reminders from more important sites

For what it's worth, here's a quick way to create a reasonably secure password:

  • Take a phrase that you can easily remember. I'm going to go with "Snape kills Dumbledore".
  • Alter it slightly to make it less guessable. This one's a little short, so I'll extend it to "Oh noes! Snape kills Dumbledore!"
  • Take initial letters for words or syllables. Take what seems sensible to you: "onsnkdbd"
  • Mix it up a bit with capitals, numbers, and/or punctuation. More character types means better security. "0n!Sn8kDbd!"
  • Practice typing it a bit to see how it flows, and change it a bit if it trips you up too much. On second thoughts, I don't like that 8, and the final ! is awkward. I'll change it to "0n!SnpkDbd;"

Microsoft suggests a similar technique, and provides a handy online password strength checker. It thinks the above password is "strong" (not "best", though, which it reserves for passwords at least 14 characters long... slightly overkill maybe?)
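To put rough numbers on the brute-force question and on "more character types means better security", here is a small estimator (an added example, not from John P.'s article or Microsoft's checker). The guessing rate is an assumed figure, and the function names are made up for this sketch.

```python
import math
import re
import string

# Assumption for illustration only: an offline attacker testing 1e9 guesses/second.
ASSUMED_GUESSES_PER_SECOND = 1e9

# The four character types the post mixes: lowercase, capitals, numbers, punctuation.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)


def alphabet_size(password):
    """Symbols an exhaustive search must cover to reach this password."""
    size = sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))
    # Anything outside the four classes (space, non-ASCII) counts once per distinct symbol.
    extras = {ch for ch in password if not any(ch in cls for cls in CLASSES)}
    return size + len(extras)


def keyspace_bits(password):
    """log2 of the number of candidates of this length over this alphabet."""
    if not password:
        return 0.0
    return len(password) * math.log2(alphabet_size(password))


def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to try every candidate of this length at the assumed rate."""
    return alphabet_size(password) ** len(password) / rate


def looks_like_word_plus_digits(password):
    """Flag the 'Cassie123' shape: letters then 1-4 digits. Such passwords fall
    to guessing long before an exhaustive search, so keyspace overstates them."""
    return re.fullmatch(r"[A-Za-z]+[0-9]{1,4}", password) is not None


def report(password):
    return {
        "length": len(password),
        "alphabet": alphabet_size(password),
        "bits": round(keyspace_bits(password), 1),
        "worst_case_seconds": worst_case_seconds(password),
        "guessable_shape": looks_like_word_plus_digits(password),
    }


if __name__ == "__main__":
    # Sample inputs: two passwords quoted in the post plus a constructed five-letter one.
    for pw in ("abcde", "Cassie123", "0n!SnpkDbd;"):
        print(pw, report(pw))
```

The keyspace figure is only an upper bound on the work needed, which is why the guessable-shape flag is reported alongside it.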


