Choosing A Safe Password



The Importance Of Good Password Choices

A password is like a key to your home. If someone steals it, chances are he will use it to steal something else. We use passwords everywhere in our life: to unblock the cell phone, to protect an important document, to block children’s access to certain TV channels, to operate our bank account, to de-activate an alarm system, or to receive the e-mail. The life of an Internet user is absolutely impossible without passwords: e-mail, ICQ, online discussion groups, commercial websites — all of them use password-based authentication. We use our “virtual keys” everywhere and all the time. We are so accustomed to passwords, that we don’t pay any attention to them until we lose or forget one…

You must have heard of stealing the ICQ numbers. How can a thief steal the UIN so easily? In most cases the answer is simple: you forget to use a safe password and you pay for that. Imagine, that a stranger reads all your e-mails and you don’t even know about that. Sounds like a very unpleasant situation, doesn’t it? So, how do hackers steal the “virtual keys”?

Let’s get a clearer look at how hackers can guess passwords and what mistakes many users make when choosing a password.

The first and the most obvious guess would be to assume that the login and the password are the same. This is so obvious, that you would think that it should almost never be successful, but, unfortunately, it works all too often.

Mistake 1. Login name and password are the same.

Other easy choices include pet’s name, spouse’s name, birth date and so on. This is the second most popular mistake.

Mistake 2. Children’s and spouses’ names, birth dates, pet’s names and so on.

Another common mistake is the use of passwords based on keyboard layout: passwords like “123”, “sdf” or “cxz” are chosen because of the easily remembered geometric patterns they form, but they are also very easy to guess.

Mistake 3. Passwords based on keyboard layout.

If you haven’t made any of these mistakes while choosing your password, the hacker can try to crack it. There are a variety of programs for guessing passwords by trying the possible variants (the so-called “brute force attack”). In this case the more secure your password is, the more time it will take to guess it. Note that mail servers, for example, can identify the brute force attack and block the hacker. But he cannot be blocked forever and after some time will be able to continue his attempts.

Follow the rules below to create passwords that are not easy to guess:

  • The password must be at least 6 characters long. The longer—the better.
  • The password must contain a mixture of upper- and lowercase characters, numbers, punctuation marks and special characters.
  • It must be meaningless.
  • If a password is hard to remember, it is also hard to guess.
  • Change your password at least every two months.

If you follow all these rules, cracking your password will take months and even years.

But how to choose a safe password?

Human imagination is virtually unlimited and you can invent any super-complicated password. But then you will need another one, and more, and more… Most likely you will end up inventing the passwords that are very similar and all your efforts will be in vain. But you can use ready-made solutions that will help you create effective and safe passwords.