
Password Do’s and Don’ts

Five “Don’ts” & Five “Dos” for Better Passwords

1. Don’t leave passwords blank.
2. Don’t use your username as a password.
3. Don’t use identifiable information (such as a birthday).
4. Don’t write passwords down.
5. Don’t use auto-fill for passwords (especially on public computers).
6. Do use 8 characters or more.
7. Do use a combination of uppercase, lowercase, numbers, & symbols.
8. Do memorize your password.
9. Do change your password periodically (at least every 60 days).
10. Do keep your password a secret.


Why do I need a long password?

Security experts suggest that you create passwords with 8 or more characters. Why does password length matter? When a hacker attempts a brute force attack, every additional character multiplies the number of combinations that must be tested, so longer passwords make the attack more difficult.

The success of a brute force attack depends on two things: 1) the password length and 2) the number of possible characters being tested.

Let’s assume that a brute force attacker will use all lower case letters, all upper case letters, plus about fourteen common keyboard symbols. That gives the attacker (26+26+14)=66 characters to work with. A 1-character password has 66 different combinations, while a 2-character password has 66*66, or 4,356, combinations. The table below continues the calculation. The time to crack column is the time needed to test every combination at 250,000 passwords per second.

Characters   Combinations                  Time to Crack
4            18,974,736                    76 seconds
5            1,252,332,576                 5009 seconds
6            82,653,950,016                4 days
7            5,455,160,701,056             253 days
8            360,040,606,269,696           46 years
9            23,762,680,013,799,900        3014 years
10           1,568,336,880,910,800,000     198,927 years

In summary, when it comes to password security, more characters are safer.
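
The calculation behind the table above, as an added example that is not part of the original post. It uses the post's assumptions (66 characters, 250,000 guesses per second) and goes beyond the table by totalling all shorter lengths and by finding the minimum length for a target search time; the function names and the one-billion-guesses-per-second rate are hypothetical values chosen for illustration.

```python
import math

# Assumptions taken from the post: 26 lower + 26 upper + 14 symbols, 250,000 guesses/second.
CHARSET = 26 + 26 + 14
RATE = 250_000

def combinations(length, charset=CHARSET):
    """Number of passwords of exactly `length` characters."""
    return charset ** length

def worst_case_seconds(length, charset=CHARSET, rate=RATE):
    """Time to test every password of exactly `length` characters (the table's figure)."""
    return combinations(length, charset) / rate

def cumulative_seconds(length, charset=CHARSET, rate=RATE):
    """Time to test every password of 1..length characters, shortest first."""
    total = sum(charset ** n for n in range(1, length + 1))
    return total / rate

def humanize(seconds):
    """Render seconds in the largest fitting unit (365-day years, matching the table)."""
    for name, size in (("years", 365 * 86400), ("days", 86400), ("seconds", 1)):
        if seconds >= size:
            return f"{seconds / size:,.0f} {name}"
    return f"{seconds:.2f} seconds"

def min_length(target_seconds, charset=CHARSET, rate=RATE):
    """Shortest length whose worst-case search time meets or exceeds the target."""
    needed = target_seconds * rate  # guesses the attacker can make in the target time
    # charset**n >= needed  =>  n >= log(needed) / log(charset)
    n = max(1, math.ceil(math.log(max(needed, 1)) / math.log(charset)))
    # Correct any floating-point error at the boundary with exact integer powers.
    while combinations(n, charset) < needed:
        n += 1
    while n > 1 and combinations(n - 1, charset) >= needed:
        n -= 1
    return n

if __name__ == "__main__":
    for n in range(4, 11):
        print(f"{n:>2}  {combinations(n):>30,}  {humanize(worst_case_seconds(n))}")
    # Hypothetical faster attacker (illustration only): one billion guesses per second.
    century = 100 * 365 * 86400
    print("length for 100 years at 250k/s:", min_length(century))
    print("length for 100 years at 1e9/s: ", min_length(century, rate=10**9))
```

Searching every shorter length first adds less than 2% to the total time, which is why the table can ignore it. Raising the guess rate from 250,000 to one billion per second moves the length needed for a 100-year search from 9 to 11 characters.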


Best Passwords for 2012

We are now a few months into 2012 and computer security is still an important topic.  Use our password generator to create a new password for this year.  Update all your banking passwords and any site where your credit card or personal information is stored.

The best passwords for 2012 are the same as in previous years: include as many characters as possible, with a mixture of upper/lower case letters, numbers and symbols. Don’t repeat the bad habit of using lazy passwords.