Make Passwords easier

There are hundreds of password related articles out there and instead of adding to the cacophony I’m going to give you a simplified version.

  1. Make it long – Password Length is more important than Password Complexity
  2. Keep it safe and single – It’s easier to steal a password than crack one

 


Make it long

Size matters – in fact it is the most important thing

Password Length is how many characters are in the password.

Password Complexity is how many different types of characters (upper case, lower case, symbols, numbers) are used.

In the most simplified way, the longer the password the harder it is to break.A quick fun test of password security is to put a password similar to yours into here https://howsecureismypassword.net.

But I have a 6-8 character password I can type

Well for starters, try not to use the same password twice, on anything, keep them all different. But it’s so hard to remember the 10,000 passwords I have. 

Yeah that is a thing that has become pretty common. Here’s how to fix it:

Type it twice

Basically in 2015 you want a password that is a minimum of 12 characters long. You already have an “old” password you remember how to type that is 6-8 characters minimum. So type it twice and add the initials of the service / site you’re connecting to.

  • Your password that you can type over and over and never get wrong cause you spent 5 years typing it into everything: Lcm87!
    (52 seconds to crack)
  • New Password: Lcm87! Lcm87!
    (465 million years to crack)
  • Facebook: Lcm87! Lcm87! facebook 
    (322 septillion years to crack)
  • Twitter: Lcm87! Lcm87! twitter 
    (3 septillion years to crack)

Better passwords than that

So to make even better passwords;

type a short statement.

You don’t even need capitals or punctuation – the above would be a 23 character password (837 quintillion years to crack) before you put the service name on.
It is pretty easy really.  <- That’s another one.  <- So was that and this.

It’s better than you might think beacuse password cracking programs don’t often include ” ” as a valid character.

Make them even better’er

Instead of a sentence or statement that makes sense use unrelated words – in fact check out XKCDs take on this it explains it really well and with more humour than I can muster: XKCD – Password Strength.


Keep it safe and single

People don’t really value how important their security is

Until someones privacy and security is breached people don’t comprehend how important passwords are (same for backups I’m afraid).  It’s a a key, it’s also very easy to copy (you just need to hear it, or see it). If the wrong key gets stolen (your email for instance) all your other keys are up for “I forgot my password” grabs.

I can get your password faster by tricking you into giving it to me than trying to use a program to break it.

It’s not even hard to remember a password

It is not a heavy burden to be required to remember and keep private a password. You complete far harder and more complex objectives just eating breakfast or driving to work. No more excuses – if you can’t remember your password and need to write it down somewhere, then there is something wrong with you.

Some people can remember facts and figures of sports teams or historical events but then complain about how hard it to remember their password. It is important, it is valuable, it is dangerous and It is your responsibility.

Responsibility – take it.

If you work in a College and have access to private information of students; and you’ve told anyoneyour password – you are incompetent. You are putting so much at risk , think for only a moment about the possible implications of sharing that password, of someone over hearing it, of someone seeing it on the post-it note, of someone watching you type it. You should be paranoid about it. It can do more damage than you think it can and it will be your fault. Your online banking password or the pin to your credit card are nothing in comparison to how important your College password is.

A note to Schools and Colleges

Set a password change to happen at least twice a year (start of Term 2 and 4 are good timing), make the password a minimum of 12 characters. Don’t accept excuses – if a teacher can balance a chemical equation, knows the date or name of any historical battle, can correct your punctuation and spelling or can name an artist from a single song or painting; They can remember a password.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply