Authentication represents one of the fundamentals of security. Your accounts, devices, doors, and homes all require strong passwords (or keys) to prevent others from gaining unauthorized access. Even some of my friends and families shower heads need some kind of secret code or chant that needs to be done to figure out how to work their shower.
Passwords, or keys, or important as they are the first layer of defense against cybercriminal from unauthorized access to your personal data. Or just someone trying to take a shower. If you do not have a base understanding of how to create strong passwords than this article is for you.
Above is a good “show-n-tell” diagram of how long it would take for an attacker to brute force your password if they were to try and guess it using an algorithm that runs constantly. If you notice that if your password were to be 4-6 characters long with only number and lowercase letters only, the attackers can get the password instantly. Luckily most systems have minimum requirements for password.
Let’s use Facebook as an example. Facebook/Meta has a password requirement of at least 8 characters long, combination of lower and uppercase letters(just one uppercase letter), a special character, and number. If you follow the graph, it will take 10 years to crack this password. That seems like a long time doesn’t. But this graph considers dictionary words. Dictionary password attacks is still highly uncertain for attacker, although it could drop that 10-year time to minutes or hours.
A password like “HappyDays2023!” would meet all requirements Facebook/Meta needs for passwords. Also, the password contains two dictionary words starting with capital letters, the numbers are together that make a year, and only one highly used special character. Not only would this be very susceptible to attack, if you knew a little bit about me you could guess it. I graduated college in 2023, and usually finishing school forever creates happy days. On top of that, how many of you enter “!” or any other special character at the end or beginning of the password to meet the special character requirement. The hackers know that.
So how about we create a stronger password. We can start by adding special characters and numbers in as letters. You can kind of think of this as creating your own language.
- @ for an a
- 5 or $ for an S
- 3 for an E
- 1 for an I
- 0 for o
- 7 for a T
- & for an 8
- () for o or 0
- ! for an I
- b for a 6
The list can go on and on, even creating your own encryption method. The new password will look something like “1-1@qqy!dAy$”. All password requirements are met, and it doesn’t even look like the old password. But we can make it even MORE secure.
Passphrases are used when passwords like the one we just created are short enough to meet the requirements but so hard to type. The last thing I want to do in the morning is trying to remember my stupidly complex and hard to type password. Meeting all the same password requirements for Facebook, I can create a super long password with just the minimum amount of complexity. Note that spaces will work in most applications and “+” count as a special character.
To keep the trend of Happy Days graduating college, lets form a passphrase from my short but overly complex password. “My Happy Days Started @ 2023 Millikin Drive” meets all passwords requirements, a lot easier to type, and 43 characters long.
A passwords length is just as important as complexity. In a perfect world, you would want to use both complexity and length in your passwords, but I will take what I get from you people! Password reuse is a major concern as well. Please create unique passwords for all account and devices as if one password gets breached, they all don’t have too as well. Now go forth and create stronger passwords to help hide all your sensitive data from unauthorized attackers.
Leave a Reply