In the age of ever-increasing internet involvement, the threat of someone hacking into your information by breaking through your passwords grows daily. To make an account far more resistant to hacking, follow these basic rules of what to have and what to avoid when crafting a well-constructed password.
One of the best steps to a strong password is to make it long — somewhere in the vicinity of 15 characters. The reason for this is that the more characters you have, the more possible combinations there are for your password. This helps confound brute force cracking, where a hacker attempts to figure out a password by trying different combinations over and over until they hit on the correct one. Professional password-crackers speaking to Ars Technica were able to break passwords of six digits or less nearly instantly.
Avoid: words and names
When a hacker tries to crack a longer password, using the brute force method to break through is incredibly time-prohibitive, so a quicker, easier option would be to try to guess the password without resorting to such measures. Easy options to try are names (particularly yours) and other dictionary words, even if you replace letters or words with symbols and numbers. Since using a word as a password makes a known pattern, computers can easily figure them out.
Have: cases and symbols
Another way to boost a password’s strength is to use both uppercase and lowercase letters, and to introduce numbers and other symbols. This adds more complexity to your password, increasing its resistance to guessing. According to password expert George Shaffer, an eight-character password that uses all of these can resist cracking attempts by force for up to 2 years.
Sometimes it might seem like a sound idea to use nonsense phrases that nonetheless form a pattern, like using the first six letters in the first row of the keyboard. Since this follows a pattern (swiping straight across the keyboard), this makes the password very weak and easier to break.
Have: regular changes
Once you craft a strong password, it pays to change it on a regular basis. Hackers constantly try to break passwords, and the longer you maintain a stagnant password the more vulnerable it becomes. For example, Facebook revealed in a blog post that during any given 24-hour period, 600,000 attempts are made to compromise the information of users.
Using the same password in multiple places is a dangerous prospect. If you use the same password for everything, when crackers breach one account, they can potentially break into all of them. According to Graham Cluley, senior technology consultant at computer security organization Sophos, this cross-platform approach is commonly used by hackers because about 30 percent of people use the same password across all of their digital accounts.
Have: a password phrase or password manager
All of these rules that minimize a computer’s ability to guess your password tend to create passwords that are hard to remember. Larry Magid, a long-time cybersecurity journalist writing for Forbes, suggests coming up with a word to represent each character of your password. The second method is to use a password manager. These encrypted services let your access complex, inscrutable passwords without needing to memorize a string of random letters, numbers and symbols.
Avoid: sharing your password anywhere
The simplest thing you can do to avoid having your password compromised is to not share it anywhere. That means not writing it on a post-it note that you stick to your computer at work, and definitely not sharing it with someone online.
Keeping up these rules will make your passwords incredibly difficult to guess, protecting your information from prying eyes. By being proactive about maintaining strong passwords, you stand a better chance at staving off the headache of having your information accessed by unwanted parties.