As you all know the instance of having a strong password is indirectly proportional to remembering it. Recently in news a 25-year-old unemployed hacker was arrested. His crime, Guessing the american president’s twitter password. So is it so hard to have a good password. Fortunately the answer is no.
First attempt of a hacker trying to hack your account will be to guess your password. According to John from onemansblog.com following will be their first few guesses:
- Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they are always making you use a number, aren’t they?)
- The last 4 digits of your social security number.
- 123 or 1234 or 123456.
- password
- Your city, or college, football team name.
- Date of birth – yours, your partner’s or your child’s.
- god
- letmein
- money
- love
Here are some tips to have a strong password:
- Usual rules like use mixture of numbers, special sharecters and letters apply.
- Don’t use the words in the above list. Don’t even use related words.
- Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.
Password Length3 characters 4 characters5 characters6 characters7 characters8 characters9 characters10 characters11 characters12 characters13 characters14 charactersAll Characters0.86 seconds 1.36 minutes2.15 hours8.51 days2.21 years2.10 centuries20 millennia1,899 millennia180,365 millennia17,184,705 millennia1,627,797,068 millennia154,640,721,434 millenniaOnly Lowercase0.02 seconds .046 seconds11.9 seconds5.15 minutes2.23 hours2.42 days2.07 months4.48 years1.16 centuries3.03 millennia78.7 millennia2,046 millenniaRemember, these are just for an average computer, and these assume you aren’t using any word in the dictionary. If Google put their computer to work on it they’d finish about 1,000 times faster. - Use software to generate and manage your passwords. I recommend and usekeepass
- Have a unique passwords for every account you have.
If you are saying, “But wait a minute, my problem is, strong passwords are hard to remember!”
Nearly half the Internet users queried in a new survey said they use just one password for all their online accounts (via msnbc). If you are like them then to make your passwords strong along with your common password add the sites name, which will give you a unique password for every site you have a account with. For example if your common password is “123456″ then your facebook password will become: “123456Fb” and your gmail :”123456G” or “123456Gmail” and so on. This is not only easy to remember but also secure.
Or you can also try the following method ( via Purdue University):
- Pick a phrase that is easy for you to remember, but that no one else will think about attributing to you. For example:
pass phrase: My Wife’s Birthday Is April Twenty-Fifth Nineteen Sixty Six
pass phrase: “Four score and seven years ago our fathers brought”
pass phrase: “It was a dark and stormy night.” - Use the first letter of each phrase to form an abbreviation. For example:
m – My
w – Wife’s
b – Birthday
i – Is
a – April
t – Twenty-
f – Fifth
n – Nineteen
s – Sixty
s – Sixabbreviated pass phrase: mwbiatfnss
abbreviated pass phrase: foscanseye (the first 2 letters of each word)
abbreviated pass phrase: iwadasn - For added security (and usually as a requirement), change one or more of the letters into numerals and/or add punctuation to reach your new password. For example:
password: mwbi4tfns6 (a for April becomes 4, because April is the fourth month; s for six becomes 6)
password: 4scan7ye (fo for four becomes 4 and se becomes 7)
password: Iwad&sn! (i becomes I; a for and becomes &; added !)
Any of these passwords would be easy for you to figure out, but would be a nightmare for a password cracker. The idea in this method is not that the password itself is easy to remember but that the process that you go through to arrive at it is so simple that you find yourself re-creating the same password with the process without even thinking about it.
Do you have anyother suggestions to add to this list? Please share it in comments.