21st century chaos fills our lives with distractions, flashing lights, reminders, leaving many yearning to simplify aspects of our lives – but passwords should not be included in this. Taking a serious look at how you set up your password can make the difference between a strong barrier to your accounts or a paper thin wall that easily hacked. If your password doesn’t look like your cat walked all over your keyboard, your password isn’t strong enough. So, how can I know how strong is my password? Here are some crucial tips and tricks follow that will help you create a strong password that won’t require you to have the memory of an detective to remember.
Signs your password isn’t strong enough:
- It is a common name or word
- It has personal significance (your name, spouse’s name, dog’s name)
- 6 characters or fewer
- Birthdate or contains SSN
- It has all lowercase letters
You can find several tools online to check your password such as the password strength checker available from Kaspersky. You should not depend on password checkers alone since cracking passwords takes a lot of processing power and time that a single password strength meter cannot afford to do. A simple password strength checker will check your password strength based on length, common names, and a list of other things that are commonly included in weak passwords.
Pad your password
What is password padding? and what does it have to do with how secure is my password? It is almost self-explanatory, pad your password at the beginning and end with numbers or special characters. For example if you have a strong password with numbers and upper and lower case letters but have a difficult time remembering where to place those special characters (!@#$%^&*), put them in the front and back end of your password. The double bang (!!) is good but use a combination of !@ or #* to change it up. As long as you remember the proper arrangement of those special characters, you won’t have to strain your memory too much. Padding your password with just two special characters or numbers can mean the difference between days and years in the length it will take an attacker to crack it.
Don’t just create a long password
If you think D0ggggggggs is more secure than D0gs you are correct, however; repeated characters are not recommended. Repeating one or two characters is fine as long as you don’t depend on repeated characters to make your password the Fort Knox of your private accounts. Common attackers are getting smarter every day and brute force tools are becoming more readily available even for the average amateur hacker.
The importance of character combination
A password with all lower case or all upper case letters is not as strong as one with a combination of the two. The same can be said for numbers and special characters. The use of each type of character forces an attacker to sort through a larger range of characters. A smart attacker will perform brute force attacks with attempts using all upper or all lower case letters, which will take less time to crack than one with a combination of upper case, lower case, numbers, and special characters. An initial brute force attempt does not include spending time guessing passwords that contain combinations of numbers, case letters, and special characters. Only after a first attempt at password cracking all lowercase letter passwords have failed is when an attacker will take the next step to target passwords with additional types of characters. If your password contains all lowercase or all numbers, it will be guessed on the first run through of a brute force attempt.
Is my password secure?
The more complex a password is the stronger it is. You don’t have to create a password 25 characters in length that takes you longer to remember than the time you spend in your account. A strong password should be at least 12 to 15 characters long and include a full combination of numbers, upper and lower case letters, and special characters. Do not use common names or words from the dictionary. Having a combination of characters will require an attacker to go deeper in the search.
Do not use the same password for all accounts
You should have a separate and completely different password for your social media, email, and financial accounts. Do not use 45Dighiey$# for one site and then 45DiGHiey!! For another, even though they are different, the similarities can make it easy for an attacker to break into your accounts. If one is successfully hacked, the other won’t be too far behind. A strong password is great but you need to have a different one for each account.
Keep your passwords separate
Do not store your passwords in your other accounts. This means do not email your passwords for other accounts to yourself. If you have to write down your password (not recommended), write it down on a small piece of paper and do not write the name of the account. If you lose it, change it immediately for that account. Although a random password found on the street, bus, or subway doesn’t do much good to anyone who finds it, it is better to be safe than sorry. You can get creative by color-coding your passwords if you have to write them down.