
How do you balance the necessity of highly secure passwords with the utility of easily recalling them all? The only secure password is one that you can't remember, but there are times when you can't use a password manager and need to rely on your memory.
This post originally appeared on the Buffer blog.
It's a question I mull each and every time a security breach happens. When the Heartbleed vulnerability was discovered last spring, the mandate was for everyone to change all their passwords right away. It's still on my to-do list. I cringe at the thought of getting hacked, and I also cringe at the thought of taking the time and mental energy to do a complete overhaul of my favorite passwords.
Does this sound like you?
If you happen to have a system in place to manage your unique, random, unbreakable passwords, then my hat's off to you. According to some estimates, you are among a well-protected 8 percent of users who do not reuse passwords.
The rest of us are still searching for a solution. We know that creating a safe password is paramount, but how does one actually go about creating and recalling all those essential, random passwords we need? It took writing this post to get me on the straight-and-narrow with my passwords. Here's what I learned about how to create a secure password you can remember.
The Anatomy of an Unbreakable Password
The longer the password, the harder it is to crack. Consider a 12-character password or longer.
Avoid names, places, and dictionary words.
Mix it up. Use variations on capitalization, spelling, numbers, and punctuation.
These three rules make it exponentially harder for hackers to crack your password. The strategies employed by password crackers have advanced to an incredibly efficient level, so it's imperative to be unusual with the passwords you create. Here's an example from security expert Bruce Schneier about just how far password crackers have come:
Recent password breaches at sites like Adobe have shown how insecure many of our passwords are. Here is a list of the most common passwords that turned up in the Adobe breach. It probably goes without saying: Avoid using these passwords.
123456
123456789
password
admin
12345678
qwerty
1234567
111111
photoshop
123123
1234567890
000000
abc123
1234
adobe1
macromedia
azerty
iloveyou
aaaaaa
654321
If you're curious whether your chosen password is secure or not, you can run it through an online password checker like the one at OnlineDomainTools. To highlight the importance of a lengthy, random, unique password, the online checker has specific fields to show your password's variation in characters, its appearance in dictionaries, and the time it would take for a brute force attack to crack it.
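The same three checks (character variation, appearance in a list of known passwords, and brute-force time) can be run locally. The sketch below is an added example, not part of the original post and not OnlineDomainTools' code; it uses the Adobe list above as its dictionary, and the guess rate and sample passwords are assumptions made for illustration.

```python
import string

# The most common passwords from the Adobe breach, as listed in this post.
COMMON_PASSWORDS = {
    "123456", "123456789", "password", "admin", "12345678", "qwerty",
    "1234567", "111111", "photoshop", "123123", "1234567890", "000000",
    "abc123", "1234", "adobe1", "macromedia", "azerty", "iloveyou",
    "aaaaaa", "654321",
}

# Assumed attacker speed in guesses per second; adjust for your threat model.
GUESSES_PER_SECOND = 10_000_000_000

# Character classes and the alphabet size each adds to a brute-force search.
# Characters outside these four classes are not counted.
CLASSES = {
    "lowercase": (string.ascii_lowercase, 26),
    "uppercase": (string.ascii_uppercase, 26),
    "digits": (string.digits, 10),
    "punctuation": (string.punctuation, 32),
}


def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, (chars, _) in CLASSES.items()
            if any(c in chars for c in password)]


def check_password(password):
    """Report length, character variation, list membership and brute-force time."""
    used = classes_used(password)
    alphabet = sum(CLASSES[name][1] for name in used)
    # Exhaustive search space: every string of this length over this alphabet.
    keyspace = alphabet ** len(password) if used else 0
    listed = password.lower() in COMMON_PASSWORDS
    return {
        "length_ok": len(password) >= 12,  # the post's 12-character rule
        "classes": used,
        "in_common_list": listed,
        # On average half the keyspace is searched; a listed password is
        # found by the first dictionary pass, so it is reported as 0.
        "brute_force_seconds": 0 if listed
        else keyspace // (2 * GUESSES_PER_SECOND),
    }


if __name__ == "__main__":
    for sample in ("adobe1", "Photoshop", "k7#Vr!2pQz&9wLx"):  # constructed samples
        print(sample, check_password(sample))
```

The brute-force figure only covers exhaustive search; names and dictionary words that are not in the embedded list fall much sooner to wordlist attacks, which is why the second rule above matters as much as length.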